Joomla! & TUF – Secure Updates

Joomla! & TUF - Secure Updates

Make the web a safer place by using secure updates.

PROJECT DESCRIPTION

Currently Joomla! Updates are not secured by cryptographic signatures. Signing updates would ensure the legitimacy of the updates. We plan to implement “The Update Framework” (TUF), a framework designed to deliver signed updates for all kinds of software. Integrating it into Joomla will make sure that no contaminated version of the CMS and its extensions are installed.

HACKATHON GOALS

The goal of the project is to create a PoC for a Joomla!-implementation of TUF which also can be adapted by other Open Source Software.
This includes to feed back fixed issues and finished features for TUF.

TARGET AUDIENCE

Everyone who is interested in looking beyond the horizon and working with a community driven CMS. If you have some experience with PHP, working with a framework, are interested in security or always wanted to know how secure updates should work, you’re very welcome to join this project.

Hackathon Results

PROJECT LEAD

benjamin-trenkleBenjamin Trenkle is Release Lead of the current Joomla! Version 4.1. He works with Joomla! from 1.0.

Beside Joomla! Benjamin is helping companies to digitize and automate their daily processes.

TAGS

php
joomla
security
server