Re: concrete steps for improving apt downloading security and privacy
On Wed, Jul 09, 2014 at 11:11:44PM -0400, Darius Jahandarie wrote:
If Tux Q. Debiannewbie doesn't know what adversaries with what powers
they are/aren't protected against for their use cases without looking
hard and being a security expert, it's hard to make serious claims
that Debian is actually protecting its users.
I frankly find it hard to believe that someone who is unwilling to click
past the first link when researching actually cares much about any kind
of writeup of threat models. I'll make it simple: if you're completely
unsophisticated and worried about a government hijacking your linux
distribution to spy on you, there's nothing debian can do to help you.
If you're low profile and uninteresting, the government doesn't care
about you. If you're actually being targeted by well funded and
sophisticated adversaries, they're going to get you unless you put a
heck of a lot more effort in than clicking on the first link.