https://fulltimenix.com/episodes/martin-schwaighofer-steering-committee-candidate
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
https://github.com/NixOS/nixpkgs
https://oxide.computer/
https://github.com/nix-community/lanzaboote
https://en.wikipedia.org/wiki/UEFI#Secure_Boot
NixCon 2024: rebuilding builders instead of trusting trust
https://youtu.be/UlJUpUQc9Lc?si=_EebfQszx062M2mR
Extending cloud build systems to eliminate transitive trust:
https://discourse.nixos.org/t/extending-cloud-build-systems-to-eliminate-transitive-trust/50841
https://scored.dev/
https://reproducible-builds.org/
Build systems à la carte: Theory and practice
https://www.cambridge.org/core/journals/journal-of-functional-programming/article/build-systems-a-la-carte-theory-and-practice/097CE52C750E69BD16B78C318754C7A4?utm_campaign=shareaholic&utm_medium=copy_link&utm_source=bookmark
Implementing a content-addressed Nix, 2 December 2021 — by Théophane Hufschmitt
https://www.tweag.io/blog/2021-12-02-nix-cas-4/
https://github.com/nix-community/trustix
https://nixos.org/research/
00:00 Introduction and Background
01:28 Martin's Journey in Computer Science
02:57 Compiler Construction Course Insights
04:20 The Concept of Self-Compiling Compilers
07:10 Hiding stuff in the compiler
08:47 Trusting Trust: Compiler Security Issues
09:58 Nix and Build Process Management
12:09 Bootstrapping and Auditing in Nixpkgs
13:21 Trust in Software and Hardware Security
18:01 Secure Boot and Its Implications
20:39 Scenario: Government Agency Targeting
22:15 More on boot security
28:09 The Role of Secure Boot and Measured Boot
29:52 Measured boot
35:13 Democratizing Trust with Remote Attestation
36:11 Raising the bar on security
39:31 Research Directions in Supply Chain Security
47:34 Enhancing Nix for Security and Efficiency
50:20 Understanding Reproducibility in Build Processes
53:13 Navigating Trust and Threat Models in Nix
53:22 Identifying Gaps in Nix's Trust Mechanisms
56:48 Attribution and Trust in Build Systems
01:05:35 Distinguishing Between Input and Content Addressing in Nix
01:06:38 Nix store hashes
01:12:52 The Challenges of Content Addressing
01:14:04 Self-References and Their Implications
01:20:24 Trust and Attribution in Build Processes
01:24:31 Future Directions for Nix and Content Addressing
01:30:00 Sponsoring opportunity
Sponsor: