Secure Code Delivery and Automatic Updates

Career advice? Academic questions? Wondering what the right notation for something is? Or just want to vent? This is the right place.
Post Reply
Posts: 7
Joined: Tue Aug 15, 2017 11:30 pm

Wed Aug 30, 2017 5:08 pm

I'm not sure if this should go in "new projects" since it's a topic Defuse and I have independently been talking about for years now, "usable and accessible cryptography", or somewhere else. So I'm sticking this in the miscellaneous category for now. Apologies if that's an erroneous decision.

Let's talk about secure code delivery and automatic updates.

Here's a collection of writing on this topic:
It's possible that I'm missing some literature on this topic, but it seems like a woefully neglected topic in the security community.


1. Does the proposed threat model make sense for an attacker who wants to compromise an update server to spread malware?

2. Does the triangle sufficiently prescribe a defensible means of mitigating and/or deterring such attacks?

3. What (if anything) can be done to make our model more robust? What can be done to make it simpler to interface with?

Post Reply