[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Safety while network install.

On Mon, 21 Nov 2011 09:14:54 +0200, Andrei Popescu wrote:

> On Du, 20 nov 11, 18:10:34, Camaleón wrote:
>> 
>> I've never faced a security problem when installing over the network
> 
> How can you tell? ;)

gOOd catCh.

(Mmm... what happens with my keyboard? Seems like someone is typing on 
behalf me :-P)
 
>> (Internet) and take no additional countermeasures but ensuring the net
>> ISO checksum for the image I have downloaded is okay.
>> 
>> A compromised mirror can hit at anytime not just when installing.
> 
> A compromised mirror would be the least of my worries (due to
> secure-apt). 

There have been two intrusions that are still fresh on my mind (IIRC, one 
was at Fedora infrastructure and the last one to the kernel servers) and 
I have an extra of paranoid-thinking these days...

> In theory it could be possible to compromise the system during the
> install, but I think the risk is quite low.

Yup, I also think so. 
 
> It would probably have to be a targeted attack during a narrow window of
> a non-standard system not listening to any ports (unless you
> specifically activated ssh, but then you should know what you're doing).

Greetings,

-- 
Camaleón
Reply to: