Lì mercoledì, 2004/06/09 alle 06:44, -0700, Karl Hegbloom ha scritto: > Paranoia department (sign my key; target on my back): > > What if someone had control of a network who was "not a big Debian fan", > or who just wanted to be evil and get trojan horse software onto > people's computers for one reason or another. This person sets up the > routers so that accesses to the official Debian mirrors are > transparently proxied to a mirror they keep, but with certain strategic > programs shadowed by their own version, with special patches applied. maybe i simply don't understand, but isn't Packages file signing done exactly to avoid such an attack? federico -- Federico Di Gregorio http://people.initd.org/fog Debian GNU/Linux Developer fog@debian.org INIT.D Developer fog@initd.org We are all dust, Saqi, so play the lute We are all wind, Saqi, so bring wine. -- Omar Khayam
Attachment:
signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata