Re: [work] Integrity of Debian packages

To: debian-security@lists.debian.org
Cc:
Subject: Re: [work] Integrity of Debian packages
From: Blars Blarson <blarson@blars.org>
Date: Thu, 6 Mar 2003 23:53:42 -0800
Message-id: <[🔎] 200303070753.h277rgD3006271@renig.nat.blars.org>
In-reply-to: <[🔎] 3E680221.8040302@freeportway.com>
References: <[🔎] 20030307013315.GA27646@daedalus.andrew.net.au> <[🔎] 20030307013315.GA27646@daedalus.andrew.net.au>

In article <[🔎] 3E680221.8040302@freeportway.com> gary@freeportway.com writes:
>If the FBI has the power, time and energy to install a proxy between my 
>router
>and my ISP to spoof a package host (i.e. security.debian.org) just to 
>root my servers, then they
>are clearly a heck of lot more "geeky" than I thought.  Hell, why go 
>through that trouble,
>why not just grab my traffic and sniff all my packet's... sheesh.  If 
>they can spoof a proxy
>on me, then they certianly can put a line sniffer between me and my 
>ISP... isn't that
>easier?!?!

No need to put it between, their packet sniffer is already in place at
your ISP.  Please read about CARNIVORE, which made many news headlines
before 9/11/01.  It hasn't gone away, the news media just shut up
about it.  (If you're outside of the USA, the CIA has been doing more
for longer, but it doesn't make the news as much.)

-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
"Text is a way we cheat time." -- Patrick Nielsen Hayden

Reply to:

Follow-Ups:
- Re: [work] Integrity of Debian packages
  - From: Ted Parvu <ted@parvu.net>

References:
- Integrity of Debian packages
  - From: Andrew Pollock <debian-lists@andrew.net.au>
- Re: [work] Integrity of Debian packages
  - From: Gary MacDougall <gary@freeportway.com>

Prev by Date: Re: [work] Integrity of Debian packages
Next by Date: Re: Integrity of Debian packages
Previous by thread: Re: [work] Integrity of Debian packages
Next by thread: Re: [work] Integrity of Debian packages
Index(es):
- Date
- Thread