The Update Framework – Securing Your Software Updates with Justin Cappos – Episode 99

Summary

If you write software then there’s a good probability that you have had to deal with installing dependencies, but did you stop to ask whether you’re installing what you think you are? My guest this week is Professor Justin Cappos from the Secure Systems Lab at New York University and he joined me to discuss his work on The Update Framework which was built to guarantee that you never install a compromised package in your systems.

linode-banner-sponsor-largeDo you want to try out some of the tools and applications that you heard about on Podcast.__init__? Do you have a side project that you want to share with the world? Check out Linode at linode.com/podcastinit or use the code podcastinit2017 and get a $20 credit to try out their fast and reliable Linux virtual servers. They’ve got lightning fast networking and SSD servers with plenty of power and storage to run whatever you want to experiment on.


GoCD is the on-premise open source continuous delivery server created by ThoughtWorks and modeled after the ideas in the Continuous Delivery book by Jez Humble and David Farley.

With GoCD’s comprehensive pipeline modeling, you can model complex workflows for multiple teams with ease. And GoCD’s Value Stream Map lets you track a change from commit to deploy at a glance.

GoCD’s real power is in the visibility it provides over your end-to-end workflow. So you get complete control of and visibility into your deployments, across multiple teams.

Say goodbye to deployment panic and hello to consistent, predictable deliveries.

To learn more about GoCD, visit gocd.org for a free download. Professional Support and enterprise add-ons, including disaster recovery, are available.


Preface

  • Hello and welcome to Podcast.__init__, the podcast about Python and the people who make it great.
  • I would like to thank everyone who has donated to the show. Your contributions help us make the show sustainable.
  • When you’re ready to launch your next project you’ll need somewhere to deploy it. Check out Linode at linode.com/podcastinit and get a $20 credit to try out their fast and reliable Linux virtual servers for running your awesome app.
  • Visit our site to subscribe to our show, sign up for our newsletter, read the show notes, and get in touch.
  • To help other people find the show you can leave a review on iTunes, or Google Play Music, and tell your friends and co-workers
  • Your host as usual is Tobias Macey and today I’m interviewing Justin Cappos about The Update Framework, an open spec and reference implementation for mitigating attacks on software update systems.

Interview

  • Introduction
  • How did you first get introduced to Python?
  • Please start by explaining what The Update Framework (TUF) is and the problem that you were trying to solve when you created it.
  • How is TUF architected and what led you to choose Python for the reference implementation?
  • TUF addresses the problem of ensuring that the packages that get installed are created by the right developers, but how do you properly establish trust in the first place?
  • Why are consistent and auditable dependencies important for the security of a system and how does TUF help with that goal?
  • What are some of the known attack vectors for a software update system and how do Python and other systems attempt to mitigate these vulnerabilities?
  • One of the perennial problems with any dependency management system is that of transitive dependencies. How does TUF handle this extra complexity of ensuring that all of the secondary, tertiary, etc. dependencies are also properly pinned and trusted?
  • For someone who wants to start using TUF what are the steps to get it set up with pip?
  • How would a project that wants to use TUF, do so?
  • Who is using TUF and when will it be used with PyPI?

Keep In Touch

Picks

Links

The intro and outro music is from Requiem for a Fish The Freak Fandango Orchestra / CC BY-SA