< Previous | Contents | Next >
1.4.5. A Trustable Operating System
Users of a security distribution rightfully want to know that it can be trusted and that it has been developed in plain sight, allowing anyone to inspect the source code. Kali Linux is developed by a small team of knowledgeable developers working transparently and following the best security practices: they upload signed source packages, which are then built on dedicated build daemons. The packages are then checksummed and distributed as part of a signed repository.
The work done on the packages can be fully reviewed through the packaging Git repositories14 (which contain signed tags) that are used to build the Kali source packages. The evolution of each package can also be followed through the Kali package tracker15.