Why it's hard to trust software, but you mostly have to anyway - discu.eu

Hacker News

Why it's hard to trust software, but you mostly have to anyway https://educatedguesswork.org/posts/ensuring-software-provenance/ 127 comments 28/12/2024

Linked pages

GitHub: Let’s build from here · GitHub https://github.com 3047 comments
App Review Guidelines - Apple Developer https://developer.apple.com/app-store/review/guidelines/ 2418 comments
https://crates.io 912 comments
The Underhanded C Contest http://www.underhanded-c.org/ 544 comments
PyPI now supports digital attestations - The Python Package Index Blog https://blog.pypi.org/posts/2024-11-14-pypi-now-supports-digital-attestations/ 334 comments
Update on apps distributed in the European Union - Support - Apple Developer https://developer.apple.com/support/dma-and-apps-in-the-eu/#interoperability 283 comments
PyPI · The Python Package Index https://pypi.org 269 comments
Removing PGP from PyPI - The Python Package Index Blog https://blog.pypi.org/posts/2023-05-23-removing-pgp/ 260 comments
npm | Home https://www.npmjs.com/ 238 comments
Our audit of Homebrew | Trail of Bits Blog https://blog.trailofbits.com/2024/07/30/our-audit-of-homebrew/ 198 comments
Homebrew — The Missing Package Manager for macOS (or Linux) https://brew.sh 184 comments
Every trick Microsoft pulled to make you browse Edge instead of Chrome - The Verge https://www.theverge.com/23935029/microsoft-edge-forced-windows-10-google-chrome-fight 152 comments
Signing Mac Software with Developer ID - Apple Developer https://developer.apple.com/developer-id/ 132 comments
Sigstore https://sigstore.dev/ 106 comments
Welcome â Gentoo Linux https://www.gentoo.org 84 comments
RFC 9420 - The Messaging Layer Security (MLS) Protocol https://datatracker.ietf.org/doc/html/rfc9420 69 comments
Security/Binary Transparency - MozillaWiki https://wiki.mozilla.org/Security/Binary_Transparency 38 comments
How Cloudflare verifies the code WhatsApp Web serves to users https://blog.cloudflare.com/cloudflare-verifies-code-whatsapp-web-serves-users/ 19 comments
Attestations: A new generation of signatures on PyPI | Trail of Bits Blog https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/ 8 comments
Introduction - Cargo Vet https://mozilla.github.io/cargo-vet/ 2 comments

Related searches:

Search whole site: site:educatedguesswork.org

Search title: Why it's hard to trust software, but you mostly have to anyway

See how to search.

Submit link to: