If you write software then there’s a good probability that you have had to deal with installing dependencies, but did you stop to ask whether you’re installing what you think you are? My guest this week is Professor Justin Cappos from the Secure Systems Lab at New York University and he joined me to discuss his work on The Update Framework which was built to guarantee that you never install a compromised package in your systems.
Do you want to try out some of the tools and applications that you heard about on Podcast.__init__? Do you have a side project that you want to share with the world? Check out Linode at linode.com/podcastinit or use the code podcastinit2019 and get a $20 credit to try out their fast and reliable Linux virtual servers. They’ve got lightning fast networking and SSD servers with plenty of power and storage to run whatever you want to experiment on.
- Hello and welcome to Podcast.__init__, the podcast about Python and the people who make it great.
- I would like to thank everyone who has donated to the show. Your contributions help us make the show sustainable.
- When you’re ready to launch your next project you’ll need somewhere to deploy it. Check out Linode at linode.com/podcastinit and get a $20 credit to try out their fast and reliable Linux virtual servers for running your awesome app.
- Visit our site to subscribe to our show, sign up for our newsletter, read the show notes, and get in touch.
- To help other people find the show you can leave a review on iTunes, or Google Play Music, and tell your friends and co-workers
- Your host as usual is Tobias Macey and today I’m interviewing Justin Cappos about The Update Framework, an open spec and reference implementation for mitigating attacks on software update systems.
- How did you first get introduced to Python?
- Please start by explaining what The Update Framework (TUF) is and the problem that you were trying to solve when you created it.
- How is TUF architected and what led you to choose Python for the reference implementation?
- TUF addresses the problem of ensuring that the packages that get installed are created by the right developers, but how do you properly establish trust in the first place?
- Why are consistent and auditable dependencies important for the security of a system and how does TUF help with that goal?
- What are some of the known attack vectors for a software update system and how do Python and other systems attempt to mitigate these vulnerabilities?
- One of the perennial problems with any dependency management system is that of transitive dependencies. How does TUF handle this extra complexity of ensuring that all of the secondary, tertiary, etc. dependencies are also properly pinned and trusted?
- For someone who wants to start using TUF what are the steps to get it set up with pip?
- How would a project that wants to use TUF, do so?
- Who is using TUF and when will it be used with PyPI?
Keep In Touch
- When the Going Gets Tough, Get TUF Going – PyCon 2016
- Stork Package Manager
- Distribution Packages Considered Insecure