{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Full Time Nix","title":"Trust in Nix with Martin Schwaighofer","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/1b29c1cf\"></iframe>","width":"100%","height":180,"duration":5719,"description":"https://fulltimenix.com/episodes/martin-schwaighofer-steering-committee-candidatehttps://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdfhttps://github.com/NixOS/nixpkgshttps://oxide.computer/https://github.com/nix-community/lanzabootehttps://en.wikipedia.org/wiki/UEFI#Secure_BootNixCon2024 rebuilding builders instead of trusting trust https://youtu.be/UlJUpUQc9Lc?si=_EebfQszx062M2mRExtending cloud build systems to eliminate transitive trust:https://discourse.nixos.org/t/extending-cloud-build-systems-to-eliminate-transitive-trust/50841https://scored.dev/https://reproducible-builds.org/Build systems à la carte: Theory and practicehttps://www.cambridge.org/core/journals/journal-of-functional-programming/article/build-systems-a-la-carte-theory-and-practice/097CE52C750E69BD16B78C318754C7A4?utm_campaign=shareaholic&utm_medium=copy_link&utm_source=bookmarkImplementing a content-addressed Nix, 2 December 2021 — by Théophane Hufschmitthttps://www.tweag.io/blog/2021-12-02-nix-cas-4/https://github.com/nix-community/trustixhttps://nixos.org/research/00:00 Introduction and Background01:28 Martin's Journey in Computer Science02:57 Compiler Construction Course Insights04:20 The Concept of Self-Compiling Compilers07:10 Hiding stuff in the compiler08:47 Trusting Trust: Compiler Security Issues09:58 Nix and Build Process Management12:09 Bootstrapping and Auditing in Nixpkgs13:21 Trust in Software and Hardware Security18:01 Secure Boot and Its Implications20:39 Scenario: Government Agency Targeting22:15 More on boot security28:09 The Role of Secure Boot and Measured Boot29:52 Measured boot35:13 Democratizing Trust with Remote Attestation36:11 Raising the bar on security39:31 Research Directions in Supply Chain Security47:34 Enhancing Nix for Security and Efficiency50:20 Understanding Reproducibility in Build Processes53:13 Navigating Trust and Threat Models in Nix53:22 Identifying Gaps in Nix's Trust Mechanisms56:48 Attribution and Trust in Build...","thumbnail_url":"https://img.transistorcdn.com/7NFFun166T66lu_dSbdoELdq995G1yBDX3YdgBqa9Ik/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS81NDUw/YzMwNjE0NjA4NGIx/NzMyZWIwYTVlYzU2/YjFhNi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}