From de0fab649ccb881f25b04134285964a1e4da2b1f Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 14 Aug 2013 03:37:50 -0700 Subject: fix TUF url --- docs/design/hard-problems.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/design') diff --git a/docs/design/hard-problems.md b/docs/design/hard-problems.md index 1a3319f..4c5c470 100644 --- a/docs/design/hard-problems.md +++ b/docs/design/hard-problems.md 
@@ -106,6 +106,6 @@ The sad state of update security is especially troublesome because update attack To address the update problem, LEAP is adopting a unique update system called Thandy from the Tor project. Thandy is complex to manage, but is very effective at preventing known update attacks. -Thandy, and the related [TUF](https://updateframework.com), are designed to address the many [security vulnerabilities in existing software update systems](https://updateframework.com/wiki/Docs/Security). In one example, other update systems suffer from an inability of the client to confirm that they have the most up-to-date copy, thus opening a huge vulnerability where the attacker simply waits for a security upgrade, prevents the upgrade, and launches an attack exploiting the vulnerability that should have just been fixed. Thandy/TUF provides a unique mechanism for distributing and verifying updates so that no client device will install the wrong update or miss an update without knowing it. +Thandy, and the related [TUF](https://updateframework.com), are designed to address the many [security vulnerabilities in existing software update systems](https://updateframework.com/projects/project/wiki/Docs/Security). In one example, other update systems suffer from an inability of the client to confirm that they have the most up-to-date copy, thus opening a huge vulnerability where the attacker simply waits for a security upgrade, prevents the upgrade, and launches an attack exploiting the vulnerability that should have just been fixed. Thandy/TUF provides a unique mechanism for distributing and verifying updates so that no client device will install the wrong update or miss an update without knowing it. Related to the update problem is the backdoor problem: how do you know that an update does not have a backdoor added by the software developers themselves? 
Probably the best approach is that taken by [Gitian](https://gitian.org/), which provides a "deterministic build process to allow multiple builders to create identical binaries". We hope to adopt Gitian in the future. -- cgit v1.2.3
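Review bot: the changed `+` line has two updateframework.com links and only the second one (the "security vulnerabilities in existing software update systems" link) is touched, so the subject "fix TUF url" does not say which link was wrong or why. Suggest a subject such as "fix link to TUF security docs" and one line in the body stating what was wrong with the old `/wiki/Docs/Security` path. The replacement, `/projects/project/wiki/Docs/Security`, is a deep path into the site's wiki layout and is likely to need the same fix again if that layout changes. Since this paragraph is the document's justification for adopting Thandy, it would help to name the weakness being cited in the link text or the sentence itself, so the reference still makes sense if the target moves.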