
Re: [work] Integrity of Debian packages



On Thu, Mar 06, 2003 at 09:21:21PM -0500, Gary MacDougall wrote:
> If the FBI has the power, time and energy to install a proxy between my router
> and my ISP to spoof a package host (i.e. security.debian.org) just to root my
> servers, then they are clearly a heck of a lot more "geeky" than I thought.
> Hell, why go through that trouble, why not just grab my traffic and sniff all
> my packets... sheesh.  If they can spoof a proxy on me, then they certainly
> can put a line sniffer between me and my ISP... isn't that easier?!?!

 I don't know about you, but I've got stuff on my HD that hasn't been sent
over the network in plaintext.  With appropriate crypto, you can distribute
information reliably (as long as you can sometimes get untampered-with
connections to work) over a hostile network.  It's possible, it's a Good
Thing, and it's not prohibitively difficult (at least not for a reasonable
level of security).  I really hope sarge will do by default.


-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC


