bureado

#!/bin/sh

# See: https://hackmd.io/@aeva/draft-gitbom-spec
# Also see: https://gist.github.com/bureado/0e4b53e90ac1263b7c5ed908dbe2cb50

# Today I would look at witness, tracee, and many others.

# TODO: make sure $BUILDDIR is a --git-dir
BUILDDIR=$1
TIMEOUT=5

bureado

#!/bin/sh

# Video: https://www.youtube.com/watch?v=Rv4ZlbMb1pE&list=PL9GzfK3UKP1vOcUkp3ayByoBY2pT641YN&index=3

# Usage: ./hash-to-buildinfo.sh <.deb package>
# Works with deb packages obtained from a Debian archive
# Assumes rekor CLI is in ./

# This all exists because https://unix.stackexchange.com/a/612931
# https://unix.stackexchange.com/a/673157

bureado

#!/bin/bash

# Also see: https://gist.github.com/bureado/16df777c1f9883ef919a5cc0c30eaba3

case "$1" in
 init)
    # Install dependencies
    sudo apt update && sudo apt install jq auditd -y
    # Start auditd
    sudo systemctl start auditd.service

bureado

• High level introductions:
  • The three levels of confidential computing | Edgeless Systems
    • Edgeless' entire wiki (as well as the docs for several of their OSS products) are highly recommended for additional reading; you might want to start with Use cases
  • Why Should I Trust Your Code? | annotated by JMP (readwise.io)
  • Common-Terminology-for-Confidential-Computing | annotated by JMP (readwise.io)
  • CCC-A-Technical-Analysis-of-Confidential-Computing-v1.3_unlocked | annotated by JMP (readwise.io)
• Video: Mark Russinovich's [Confidential Computing Elevating Cloud Security and Privacy](https://www.youtube.com/watch?app=desktop&v=H1TWoebepa