On Jul 1, 2013 5:02 PM, "Eleanor Saitta" <[email protected]> wrote: > This, of course, is a global problem everywhere. A secure channel > requires a shared secret, in this case between the developers and the > end user. How does the user get their initial OS image if it didn't > come with their machine or they didn't buy it in a brick and mortar > store
It's particularly devious to serve up a tampered-with PGP/GPG4win download, given how gpg signatures are for other critical software. ~Griffin
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
