Re: kernel.org compromised
On Thu, Sep 01, 2011 at 06:05:01PM -0300, Henrique de Moraes Holschuh wrote:
> Our kernels are not a problem. The Debian mirror in mirrors.kernel.org,
> on the other hand... While the apt signature will protect users
> downloading packages through the package manager, users that get binary
> packages directly are not protected.
The connection is not authenticated, so it makes no difference if you
get modified stuff or if it is modified in transit.
Bastian
--
Totally illogical, there was no chance.
-- Spock, "The Galileo Seven", stardate 2822.3
Reply to: