> your site reminded me that cobalt does not publish the md5sums > for its pkg files on the website. Being super-ultra paranoid > like myself, this extra layer of verification would be a welcome > addition. I'd just like to point out that if the cobalt distribution server was comprimised and the pkg files were tampered with, its a fair assumption that the webpage would be altered to reflect the new altered MD5 sums. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
- Re: [cobalt-security] RE: 'On my Soap Box' Mike Coltart
- Re: [cobalt-security] RE: 'On my Soap Box' Kevin D
- Re: [cobalt-security] RE: 'On my Soap Box' John Bailey
- Re: [cobalt-security] RE: 'On my Soap Box' Norm Duncan
- Re: [cobalt-security] RE: 'On my Soap Box' Marc Gear
- Re: [cobalt-security] RE: 'On my Soap Box' Adam Sculthorpe
- Re: [cobalt-security] Security Costs Paul Gillingwater
- Re: [cobalt-security] RE: 'On my Soap Box' Gossi The Dog
- Re: [cobalt-security] RE: 'On my Soap Box' Marc Gear
- Re: [cobalt-security] RE: 'On my Soap Box' Jeff Lovell
- Re: [cobalt-security] RE: 'On my Soap Box' Mark Anderson
