Блог — Security
Authenticate your Git checkouts!
7 травня 2024 року
You clone a Git repository, then pull from it. How can you tell its contents are “authentic”—i.e., coming from the “genuine” project you think you’re pulling from, written by…
Identifying software
4 березня 2024 року
What does it take to “identify software”? How can we tell what software is running on a machine to determine, for example, what security vulnerabilities might affect it? …
The Full-Source Bootstrap: Building from source all the way down
26 квітня 2023 року
We are delighted and somewhat relieved to announce that the third reduction of the Guix bootstrap binaries has now been merged in the main branch of Guix! …
GNU Guix 1.2.0 released
23 листопада 2020 року
We are pleased to announce the release of GNU Guix version 1.2.0, right in time to celebrate the eighth anniversary of Guix ! The release…
Securing updates
1 липня 2020 року
Software deployment tools like Guix are in a key position when it comes to securing the “software supply chain”—taking source code fresh from repositories and providing users with ready-to-use binaries.…
Guix Further Reduces Bootstrap Seed to 25%
15 червня 2020 року
We are delighted to announce that the second reduction by 50% of the Guix bootstrap binaries has now been officially released! The initial set of binaries…
Grafts, continued
6 травня 2020 року
Guix includes a mechanism called grafts that allows us to provide users with security updates in a timely fashion, even for core packages deep down in the…
Reproducible Builds Summit, 5th edition
16 грудня 2019 року
For several years , the Reproducible Builds Summit has become this pleasant and fruitful retreat where we Guix hackers like to go and share, brainstorm, and hack with…
Guix Reduces Bootstrap Seed by 50%
8 жовтня 2019 року
We are delighted to announce that the first reduction by 50% of the Guix bootstrap binaries has now been officially released! This is a very important…
Bootstrapping Rust
11 грудня 2018 року
Slowly, systems programming languages are getting better in the sense of giving more guarantees and automating what can be automated without downsides. Rust is one of the more promising…
Running system services in containers
14 квітня 2017 року
At FOSDEM, in the awesome Guile track , I briefly demoed a new experimental GuixSD feature as part my talk on system services : the ability to run system services…
Timely delivery of security updates
2 березня 2016 року
Yesterday, a new version of OpenSSL was released , addressing several serious vulnerabilities, some of which are nicknamed "DROWN" . Like all free software distributions,…