Article Proposal: Web of Trust

Hey all,

I have a concept for a two part article that I wish to share with you. Put simply, it’s about the Web of Trust. How can a user know that Fedora is secure, and how can people help each other in keeping Fedora secure. It will be a two-part article because I want to cut it up in both a conceptual part, and a simple tutorial.

Basic outline

Article one: Explaining the concept (~1400 words)

  • Concept
    • What is compilation and why does it matter
    • why must code be open source for security
  • Fedora systems in place (Koji, Bodhi)

Article two: Giving a simple tutorial (~1200 words)

  • How to extract hashes from an installed app
  • How to rebuild a popular application
  • How to compare results
  • What to do when results don’t match

The first part will be more wordy, explaining FLOSS and why FLOSS helps you and others staying secure. The second part will be hands on, to the point that users can compare hashes and check out the project source.

For the tutorial, I wanted to use Flatpak because it’s easier, but I can understand that some of you have different feeling on that. There is already an article about compiling RPM files, so I will make sure to link to that too.

Let me know what you think,

Kevin

PS. Thanks for moving to Discourse, I never got mailing-lists to work properly!

I like this idea a lot, +1!

+1 This sounds like an awesome idea

Hello @eonfge,
Welcome to discussion.fp.o! I created a Taiga card for this article. Have you signed into our Kanban board with your FAS ID yet? Located here . Once you are setup as a writer I can assign you to the card for the article. Edit: I assigned you to the article.