Den tors 14 maj 2020 kl 06:27 skrev Mogens Jensen <>:

> Normally I would just assume that fetched files are verified, but maybe
> in the case with fw_update, the rationale is that firmware files are
> binary blobs so we can't know if they are malicious anyway, therefore
> no reason to bother with verification.

It would be sad to mixup the fact that something is signed with a sort of
guarantee that it is without faults or without malice.
The signature proves it didn't change in transport since it was published,
nothing more.

May the most significant bit of your life be positive.

Reply via email to