[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Compromising Debian Repositories

On Sat, 03 Aug 2013, Volker Birk wrote:
> On Sat, Aug 03, 2013 at 08:46:53PM +1000, Aníbal Monsalve Salazar wrote:
> > On Sat, Aug 03, 2013 at 12:17:06PM +0200, Volker Birk wrote:
> > > Not to mention the build tool chains.
> > It reminds me of Ken Thompson's article Reflections on Trusting Trust.
> Yes, that's what I'm alluding to. For attacking Debian, being a
> maintainer of say, binutils or gcc would be best. But hey, there are

You'd just go upstream, and attack all distros at once.  It is actually
safer that way.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: