On Wed, Sep 5, 2012 at 9:12 AM, Rowdy OpenBSD <[email protected]> wrote:
> them even having to compromise the mirrors). This may sound paranoid > or far-fetched, but there are tools such as Firesheep that make this > relatively easy to do. If the distribution sets that OpenBSD provides > were signed by the OpenBSD project, then we could at least be > reasonably confident that the distribution sets were not compromised > between their signing and our obtaining them. > Firesheep hijacks cookies with session ids in them.. not really applicable in this situation.
