Re: you iso's may have been hacked
Hi,
Steve McIntyre wrote:
> It's also contained in the debian-role-keys keyring in the
> debian-keyring package: [...]
> and the full fingerprint is also on the Debian website using https for
> people who would rather trust that.
We users could easily be outsmarted in this aspect, i fear.
It's hard to tell whom to trust and how to avoid being spoofed by others.
In any case somebody with edit powers should replace in
https://www.debian.org/CD/faq/#verify
"SHA1" and "MD5" by "SHA512".
Just to make this aspect safe for the next few years ... hopefully.
Have a nice day :)
Thomas
Reply to: