Re: Debian cd supporting ext4.
On Sat, Jul 24, 2010 at 14:21:38 -0500, Ron Johnson wrote:
> On 07/24/2010 01:50 AM, Sthu Deus wrote:
> >Thank You for Your time and answer, Andrei:
> >>Yes it is. That's why I suggested the kmuto installer.
> >Is there any reference fro Debian web site to the kmuto site - I have
> >found one reference from searching machine but the link was not found on
> >the Debian site. How I can know that the ISO images that are available
> >on the developers site are Debian project acknowledged this day?
> >Sorry for stubbornness on my side.
> You can't have your cake and eat it too.
> Modern kernels won't be supported by debian-security. Deal with it.
Furthermore, he is asking the wrong question if he wants real security.
If one downloads via an insecure protocol (http, ftp) then it does not
matter if the URL points to debian.org, kmuto.jp or rootkits-r-us.com,
because one is unprotected against a man-in-the-middle attack in any
case. Thinking that searching for a reference to the kmuto installer on
debian.org has anything to do with security is a dangerous illusion.
The question that should be asked is: "How can I verify the checksums of
the kmuto images with cryptographic signatures that can be traced back
to a trusted key from the debian keyring?" (Unfortunately I do not know
the answer; I cannot find any signature whatsoever for the checksums.)