[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt 0.6 and how it does *not* solve the problem

also sprach Thomas Bushnell BSG <tb@becket.net> [2004.08.24.1840 +0200]:
> If we shouldn't sign and check signatures because there are still ways
> of subverting one's ssh binary, then we shouldn't even distribute ssh
> binaries.  Doesn't such distribution cause a false sense of security?

Yeah well, I guess it does all boil down to attack vectors...

PS: Please don't CC me.

Please do not CC me when replying to lists; I read them!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to: