Ray Dillinger: > > Hmm. > > On further inspection, it appears that you're right. > > So I suppose my "bug" is that debian appears not to give > a crap about people monitoring who is downloading which > packages and isn't providing their repositories via > https. Or ftps. Or, really, via *any* confidential > mechanism. > > [...] > > Bear > We do, but it is fairly new. There is an onion address for the regular mirror: * tor+http://vwakviie2ienjx6t.onion/debian/ Although, I doubt it covers security. Though I suppose it should be doable to get an onion address for the security mirror as well. Thanks, ~Niels PS: You currently need apt-transport-tor to use that.
Attachment:
signature.asc
Description: OpenPGP digital signature