Re: crypto support in potato
Ben Armstrong writes:
> Isn't this bass-ackwards? Youre using the network to get packages to make
> your system secure? Isn't the best way to disconnect your "virgin" box
> from the net, install crypto packages, and then only put it on the net
> once you've checked out everything to make sure it meets your standards?
> Crack attempts can start from the instant a box is put on the network.
I think you're putting two unrelated issues together here.
Cryptography is different than someone trying to crack into your box
or DoS it. To secure against that, you need to careful about what
services you run, not install software that encrypts things.
But to get back to the original question, I can't see how including
an address to download something could be a problem. If someone in the
US downloads a boot-floppies that asks her if she wants to fetch
packages from non-US, no crime has been commited. and if someone
outside the US downloads the floppies from master, he's not causing
anyone to export crypto.
Of course, i'm more of the `dare those bastards to arrest us, it would
be good publicity' mind when it comes to these things, so you may want
to get your opinion from someone a little more conservative. :-)
Written with 100% free software. Please support the following websites:
www.noamazon.com www.eviltoy.com www.debian.org www.gnu.org lpf.ai.mit.edu