Apt-get is insecure
A poster on slashdot has done some interesting research on whether an ISP that co-operates with the FBI can insert a trojan horse in your Debian machine. He demonstrates that it is easy: http://slashdot.org/comments.pl?sid=24834cid=2697504 RedHat uses a PGP signature scheme. What are we doing about it? Alex -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apt-get is insecure
unsuccessful: E: Couldn't find package debsign On Thu, Dec 13, 2001 at 04:24:47PM +0100, Wichert Akkerman wrote: Previously Alexander Karelas wrote: RedHat uses a PGP signature scheme. What are we doing about it? apt-get install debsign -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Apt-get is insecure
A poster on slashdot has done some interesting research on whether an ISP that co-operates with the FBI can insert a trojan horse in your Debian machine. He demonstrates that it is easy: http://slashdot.org/comments.pl?sid=24834cid=2697504 RedHat uses a PGP signature scheme. What are we doing about it? Alex
Re: Apt-get is insecure
unsuccessful: E: Couldn't find package debsign On Thu, Dec 13, 2001 at 04:24:47PM +0100, Wichert Akkerman wrote: Previously Alexander Karelas wrote: RedHat uses a PGP signature scheme. What are we doing about it? apt-get install debsign
shutdown via webpage
How about if a webpage was made on the server that would require user authentication and would execute a suid shutdown CGI script?
