[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: kernel.org compromised



On Thu, Sep 01, 2011 at 06:05:01PM -0300, Henrique de Moraes Holschuh wrote:
> Our kernels are not a problem.  The Debian mirror in mirrors.kernel.org,
> on the other hand...  While the apt signature will protect users
> downloading packages through the package manager, users that get binary
> packages directly are not protected.

The connection is not authenticated, so it makes no difference if you
get modified stuff or if it is modified in transit.

Bastian

-- 
Totally illogical, there was no chance.
		-- Spock, "The Galileo Seven", stardate 2822.3


Reply to: