On Fri, May 30, 2014 at 10:43:56PM +1000, Alfie John wrote:
What's stopping the attacker from serving a compromised apt?
https://www.debian.org/CD/verify