Report picks holes in the Linux kernel release signing process
Security procedures need documenting, improving, and mandating - though they're better than they used to be A report looking into the security of the Linux kernel's release signing process has highlighted a range of areas for improvement, from failing to mandate the use of hardware security keys for authentication to use of static keys for SSH access....