To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Tech Ccc Congress Hacking Security Netzpolitik Germany CCC media team Video
Content provided by CCC media team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CCC media team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Similar to Chaos Computer Club - recent events feed (high quality)

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Chaos Computer Club - recent events feed (high quality) « »
UKI, composefs and remote attestation for Bootable Containers (asg2025)

42:50
 
Play
Playing
Share
 

MP4Episode home
Manage episode 509545193 series 2475293
Content provided by CCC media team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CCC media team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the content of the operating system using familiar container tools and the Containerfile pattern. They can then share those container images using container registries and sign them using cosign. Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every system file is verified on load. We integrate this in bootc by creating a reliable way to turn container images into composefs filesystem trees, and then including the UKI in the container image. We will share the progress on the integration of UKI and composefs in bootc and how we are going to enable remote attestation for those systems using trustee, notably for Confidential Computing use cases. https://github.com/containers/composefs-rs https://github.com/bootc-dev/bootc https://github.com/confidential-containers/trustee Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/TNKPQS/
  continue reading

1996 episodes

#Tech #Ccc Congress Hacking Security Netzpolitik #Germany #CCC media team #Video
Artwork

UKI, composefs and remote attestation for Bootable Containers (asg2025)

Chaos Computer Club - recent events feed (high quality)

26 subscribers

published

Play Playing
iconShare
 
MP4Episode home
Manage episode 509545193 series 2475293
Content provided by CCC media team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CCC media team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the content of the operating system using familiar container tools and the Containerfile pattern. They can then share those container images using container registries and sign them using cosign. Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every system file is verified on load. We integrate this in bootc by creating a reliable way to turn container images into composefs filesystem trees, and then including the UKI in the container image. We will share the progress on the integration of UKI and composefs in bootc and how we are going to enable remote attestation for those systems using trustee, notably for Confidential Computing use cases. https://github.com/containers/composefs-rs https://github.com/bootc-dev/bootc https://github.com/confidential-containers/trustee Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/TNKPQS/
  continue reading

1996 episodes

#Tech #Ccc Congress Hacking Security Netzpolitik #Germany #CCC media team #Video

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to Chaos Computer Club - recent events feed (high quality)

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play
icon
Help/FAQ | Advertise with Us
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play