Explore the critical aspects of secure software distribution in this conference talk. Delve into The Update Framework (TUF) and its application in protecting against attacks on software distribution and updates. Discover how TUF can enhance security for registries and learn about its adaptation for use with the Notary v2 project. Examine the threat model, cryptographic signatures, and their limitations. Gain insights into TUF attacks, principles, and features such as explicit and implicit relocation and offline keys. Understand the importance of securing the system and explore new features in this comprehensive overview of TUF and Notary for software distribution security.