On Fri, Sep 08, 2006 at 08:53:20PM -0400, Michael Gilbert wrote: > hello, > > i just wanted to poll the debian community on whether they think that > using secure apt to upgrade/install packages over coffee shop wifi is > any more or less secure than doing the same via a home connection over > say roadrunner? > If whatever you are doing is on an untrusted network, then you should use either ssh, SSL (e.g., for web traffic) or a VPN (best solution). Beyond that, nothing is really safe. > as i see it, there is an increased chance of a middleman (at the > coffee shop hop) masquerading as ftp.debian.org. > > i guess this brings up a larger question: if there ever is a middleman > with the intent of getting malicious software onto my system, is it > possible for him to convince my secure apt that his packages are > legit? > If you get your keys from the Debian keyring (which I believe is the default), then they would need to fake the signatures with keys from the Debian keyring. If this happens, I think the world has larger problems than someone trying to get malicious code onto your computer :-) -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
Attachment:
signature.asc
Description: Digital signature