Bug#863317: workaround

To: 863317@bugs.debian.org
Subject: Bug#863317: workaround
From: Hans-Christoph Steiner <hans@eds.org>
Date: Thu, 25 May 2017 14:37:42 +0200
Message-id: <[🔎] 3d12816d-b948-db37-3168-2aeeb7c92745@eds.org>
Reply-to: Hans-Christoph Steiner <hans@eds.org>, 863317@bugs.debian.org

A simple workaround that should narrow the scope of this attack down to
requiring the mirror to be hacked is to use Tor Onion Service or HTTPS.
Using a HTTPS CDN mirror makes attacking the mirror even harder.

The official onion address for security.debian.org is:
deb http://dju2peblv7upfz3q.onion/debian-security jessie/updates main

Reply to:

Follow-Ups:
- Bug#863317: workaround
  - From: Hans-Christoph Steiner <hans@eds.org>
- Bug#863317: workaround
  - From: Hans-Christoph Steiner <hans@eds.org>

Prev by Date: Bug#863317: apt: susceptible to replay attacks
Next by Date: Bug#863317: workaround
Previous by thread: Processed: found 863317 in 1.0.9.8
Next by thread: Bug#863317: workaround
Index(es):
- Date
- Thread