Hey @zwass/@Noah Talerman, I had a question. I was looking into how to implement Orbit, and it got me thinking about supply chain attacks of late. I was wondering what the safeguards are to prevent this type of attack from happening?
05/25/2021, 4:25 PM
Good question. We recognize the sensitivity of an auto-updating binary that runs as root on every host in your network.
In order to protect the integrity of updates, we are using [The Update Framework](https://theupdateframework.io/). We are having our implementation reviewed and will publish the report after addressing any issues that come up.
Both the osquery project and Fleet are working on building release binaries on ephemeral infrastructure within GitHub Actions.
For organizations that need complete control over the entire process, we are including tools for managing your own Orbit autoupdate server as part of Fleet Basic. If you choose to do this, you can compile osquery and Orbit from source and manage the entire update infrastructure. An additional benefit (coming soon) is updates for any custom osquery extensions you'd like to bundle.
Does that help?
05/25/2021, 6:00 PM
Hey @zwass thanks for this extensive response. It sure helps. I will take a look at TUF and decide based on that which route might be better for us.