Hi, intro, and introducing System Transparency
Fredrik Strömberg
stromberg at mullvad.net
Sun Jan 17 12:40:45 UTC 2021
Hi everyone,
For the past 11 years I've been interested in the question of how to
establish trust between a user and a service operator (and their
infrastructure). Reproducible builds is an important puzzle piece on
the road to achieving that goal. I've been a fan of the concept since
Tor started using Gitian for TBB.
In order to facilitate that trust building my colleagues and I have
been working on a new security architecture for our bare-metal
servers. We call it System Transparency. I believe this might be
relevant to your interests, which is why I'm sharing here. Enjoy:
https://system-transparency.org/
https://mullvad.net/en/blog/2019/6/3/system-transparency-future/
https://mullvad.net/nl/blog/2019/8/7/open-source-firmware-future/
The project has been under heavy development for the past two years,
and will be for the foreseeable future. It will enter production use
sometime this year. At that point we will expend more effort on the
reproducibility of our artifacts (with higher variance in the build
environment). Once ST's build artifacts are robustly reproducible we
will work our way down the supply chain.
Cheers,
Fredrik Strömberg
More information about the rb-general
mailing list