Attestable builds: compiling verifiable binaries on untrusted systems using trusted execution environments

In this paper we present attestable builds, a new paradigm to provide strong source-to-binary correspondence in software artifacts. We tackle the challenge of opaque build pipelines that disconnect the trust between source code, which can be understood and audited, and the final binary artifact, which is difficult to inspect. Our system uses modern trusted execution environments (TEEs) and sandboxed build containers to provide strong guarantees that a given artifact was correctly built from a specific source code snapshot. As such it complements existing approaches like reproducible builds which typically require time-intensive modifications to existing build configurations and dependencies, and require independent parties to continuously build and verify artifacts. In comparison, an attestable build requires only minimal changes to an existing project, and offers nearly instantaneous verification of the correspondence between a given binary and the source code and build pipeline used to construct it. We evaluate it by building open-source software libraries - focusing on projects which are important to the trust chain and those which have proven difficult to be built deterministically. Overall, the overhead (42 seconds start-up latency and 14% increase in build duration) is small in comparison to the overall build time. Importantly, our prototype builds even complex projects such as LLVM Clang without requiring any modifications to their source code and build scripts. Finally, we formally model and verify the attestable build design to demonstrate its security against well-resourced adversaries.

crates.io: Malicious crates faster_log and async_println | Rust Blog

Empowering everyone to build reliable and efficient software.

Russian hackers seized control of Norwegian dam, spy chief says

Beate Gangås says attack in April by Norway’s ‘dangerous neighbour’ aimed to cause fear and chaos

Is Proton leaving Switzerland? "Legal uncertainty" of proposed surveillance laws is pushing them to make several changes

Several of Proton's products could be headed elsewhere in Europe in the wake of proposed surveillance laws

An Architecture for Distributed Digital Identities in the Physical World

Digital identities are increasingly important for mediating not only digital but also physical service transactions. Managing such identities through centralized providers can cause both availability and privacy concerns: single points of failure and control are ideal targets for global attacks on technical, organizational, or legal fronts. We design, analyze, and build a distributed digital identity architecture for physical world transactions in common scenarios like unlocking doors, public transport, or crossing country borders. This architecture combines (biometric and other) sensors, (established and upcoming) identity authorities, attribute verifiers, and a new core component we call the \emph{Personal Identity Agent (PIA)} that represents individuals with their identity attributes in the digital domain. All transactions are conducted in a completely decentralized manner, and the components for which we currently assume central coordination are optional and only used for assisting with service discovery and latency reduction. We present a first protocol between these parties and formally verify that it achieves relevant security properties based on a realistic threat model including strong global adversaries. A proof-of-concept implementation demonstrates practical feasibility of both architecture and initial protocol for applications that can tolerate end-to-end latencies in the range of a few seconds.

Before you continue to YouTube

bert hubert 🇺🇦🇪🇺🇺🇦 (@[email protected])

The chief prosecutor of the International Criminal Court has lost access to his (Microsoft) email and bank accounts. Prosecutions are faltering now. This all due to US sanctions. 'Microsoft did not respond to a request for comments'. Yet European governments are collectively moving their email and files to Microsoft, risking similar problems if they ever upset the US administration. https://apnews.com/article/icc-trump-sanctions-karim-khan-court-a4b4c02751ab84c09718b1b95cbd5db3

KeePassXC + YubiKey: How to set up a local-only password manager

This tutorial demonstrates how to install the local-only password manager KeePassXC and secure a password database with YubiKey.