We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Software distribution: new points of failure

Formal Metadata

Title
Software distribution: new points of failure
Subtitle
In a censored world
Title of Series
Number of Parts
490
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
There is a multitude of software or code ecosystems: Linux distribution packages, language-specific (e.g. Python or node.js) modules, third-party desktop themes, git repositories, and recently also Flatpak and Snap. Users thus obtain software and code mainly from the network. This talk explores what can go wrong in such code delivery mechanisms, and what actually went wrong when a new threat has materialized: networks in certain countries started to be unreliable "thanks" to the governments (classical example: https://isitblockedinrussia.com/?host=7-zip.org == true). And what technical steps can be done in order for the said ecosystems to survive when censorship and overblocking spreads over the globe even more. The focus will be on how mirror networks and CDNs operate (and what's the difference and why it matters), illustrated by examples of Debian mirrors and NPM. Both availability and integrity concerns regarding code delivery will be discussed.