Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Вміст надано Shahar "Dawn" Or. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Shahar "Dawn" Or або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Схожі до Full Time Nix
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
As we prepare for episode 600, we introduce our next challenge - and how you can join us!
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
The Fragmented Podcast is the leading Android developer podcast started by Kaushik Gopal & Donn Felker. Our goal is to help you become a better Android Developer through conversation & to capture the zeitgeist of Android development. We chat about topics such as Testing, Dependency Injection, Patterns and Practices, useful libraries, and much more. We will also be interviewing some of the top developers out there. Subscribe now and join us on the journey of becoming a better Android Developer.
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
))
Trust in Nix with Martin Schwaighofer
Manage episode 455138583 series 3552521
Вміст надано Shahar "Dawn" Or. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Shahar "Dawn" Or або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
https://fulltimenix.com/episodes/martin-schwaighofer-steering-committee-candidate
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
https://github.com/NixOS/nixpkgs
https://github.com/nix-community/lanzaboote
https://en.wikipedia.org/wiki/UEFI#Secure_Boot
NixCon2024 rebuilding builders instead of trusting trust
https://youtu.be/UlJUpUQc9Lc?si=_EebfQszx062M2mR
Extending cloud build systems to eliminate transitive trust:
https://discourse.nixos.org/t/extending-cloud-build-systems-to-eliminate-transitive-trust/50841
https://reproducible-builds.org/
Build systems à la carte: Theory and practice
https://www.cambridge.org/core/journals/journal-of-functional-programming/article/build-systems-a-la-carte-theory-and-practice/097CE52C750E69BD16B78C318754C7A4?utm_campaign=shareaholic&utm_medium=copy_link&utm_source=bookmark
Implementing a content-addressed Nix, 2 December 2021 — by Théophane Hufschmitt
https://www.tweag.io/blog/2021-12-02-nix-cas-4/
https://github.com/nix-community/trustix
00:00 Introduction and Background
01:28 Martin's Journey in Computer Science
02:57 Compiler Construction Course Insights
04:20 The Concept of Self-Compiling Compilers
07:10 Hiding stuff in the compiler
08:47 Trusting Trust: Compiler Security Issues
09:58 Nix and Build Process Management
12:09 Bootstrapping and Auditing in Nixpkgs
13:21 Trust in Software and Hardware Security
18:01 Secure Boot and Its Implications
20:39 Scenario: Government Agency Targeting
22:15 More on boot security
28:09 The Role of Secure Boot and Measured Boot
29:52 Measured boot
35:13 Democratizing Trust with Remote Attestation
36:11 Raising the bar on security
39:31 Research Directions in Supply Chain Security
47:34 Enhancing Nix for Security and Efficiency
50:20 Understanding Reproducibility in Build Processes
53:13 Navigating Trust and Threat Models in Nix
53:22 Identifying Gaps in Nix's Trust Mechanisms
56:48 Attribution and Trust in Build Systems
01:05:35 Distinguishing Between Input and Content Addressing in Nix
01:06:38 Nix store hashes
01:12:52 The Challenges of Content Addressing
01:14:04 Self-References and Their Implications
01:20:24 Trust and Attribution in Build Processes
01:24:31 Future Directions for Nix and Content Addressing
01:30:00 Sponsoring opportunity
Sponsor:
41 епізодів
Поширити
Manage episode 455138583 series 3552521
Вміст надано Shahar "Dawn" Or. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Shahar "Dawn" Or або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
https://fulltimenix.com/episodes/martin-schwaighofer-steering-committee-candidate
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
https://github.com/NixOS/nixpkgs
https://github.com/nix-community/lanzaboote
https://en.wikipedia.org/wiki/UEFI#Secure_Boot
NixCon2024 rebuilding builders instead of trusting trust
https://youtu.be/UlJUpUQc9Lc?si=_EebfQszx062M2mR
Extending cloud build systems to eliminate transitive trust:
https://discourse.nixos.org/t/extending-cloud-build-systems-to-eliminate-transitive-trust/50841
https://reproducible-builds.org/
Build systems à la carte: Theory and practice
https://www.cambridge.org/core/journals/journal-of-functional-programming/article/build-systems-a-la-carte-theory-and-practice/097CE52C750E69BD16B78C318754C7A4?utm_campaign=shareaholic&utm_medium=copy_link&utm_source=bookmark
Implementing a content-addressed Nix, 2 December 2021 — by Théophane Hufschmitt
https://www.tweag.io/blog/2021-12-02-nix-cas-4/
https://github.com/nix-community/trustix
00:00 Introduction and Background
01:28 Martin's Journey in Computer Science
02:57 Compiler Construction Course Insights
04:20 The Concept of Self-Compiling Compilers
07:10 Hiding stuff in the compiler
08:47 Trusting Trust: Compiler Security Issues
09:58 Nix and Build Process Management
12:09 Bootstrapping and Auditing in Nixpkgs
13:21 Trust in Software and Hardware Security
18:01 Secure Boot and Its Implications
20:39 Scenario: Government Agency Targeting
22:15 More on boot security
28:09 The Role of Secure Boot and Measured Boot
29:52 Measured boot
35:13 Democratizing Trust with Remote Attestation
36:11 Raising the bar on security
39:31 Research Directions in Supply Chain Security
47:34 Enhancing Nix for Security and Efficiency
50:20 Understanding Reproducibility in Build Processes
53:13 Navigating Trust and Threat Models in Nix
53:22 Identifying Gaps in Nix's Trust Mechanisms
56:48 Attribution and Trust in Build Systems
01:05:35 Distinguishing Between Input and Content Addressing in Nix
01:06:38 Nix store hashes
01:12:52 The Challenges of Content Addressing
01:14:04 Self-References and Their Implications
01:20:24 Trust and Attribution in Build Processes
01:24:31 Future Directions for Nix and Content Addressing
01:30:00 Sponsoring opportunity
Sponsor:
41 епізодів
Усі епізоди
×
Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.
Схожі до Full Time Nix
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
As we prepare for episode 600, we introduce our next challenge - and how you can join us!
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
The Fragmented Podcast is the leading Android developer podcast started by Kaushik Gopal & Donn Felker. Our goal is to help you become a better Android Developer through conversation & to capture the zeitgeist of Android development. We chat about topics such as Testing, Dependency Injection, Patterns and Practices, useful libraries, and much more. We will also be interviewing some of the top developers out there. Subscribe now and join us on the journey of becoming a better Android Developer.
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
