I wrote an article about best practices (including travel tips) for PureBoot, @purism 's tamper-evident boot firmware that allows the user to control all of the keys and secrets used for the signing process. Check it out here: puri.sm/posts/pureboot-best-pr

I've gotten some questions about Packagekit and why we don't provide interactive signing during package updates. I talk at length about some of the challenges with that approach here: github.com/osresearch/heads/is

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml