Re: Reporting Bugs Against the Debian Website

On Fri 10 Jun 2022 at 19:38:22 +, Jonathan Wiebe wrote: > I need a pointer as to how to file a bug against the Debian website. File against www.debian.org. -- Brian.

Reporting Bugs Against the Debian Website

I need a pointer as to how to file a bug against the Debian website. The following webpages all contain the text: The second set of tags indicate what releases a bug applies to: O for oldstable (jessie), S for stable (stretch), T for testing (buster), U for unstable (sid) or E for experimental

Re: website

On Wed 23 Feb 2022 at 19:04:21 +, Tim Woodall wrote: > On Wed, 23 Feb 2022, lina wrote: > > > Hi, > > > > Does anybody know what is the cost range to build the website for a lab? > > including all, > > > > basically layout is > > >

Re: website

On Wed, Feb 23, 2022 at 01:02:19PM -0600, Nicholas Geovanis wrote: > On Wed, Feb 23, 2022 at 12:50 PM wrote: > > > On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote: > > > On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis < > > nickgeova...@gmail.com> > > > wrote: > > > > [...]

Re: website

On Wed, 23 Feb 2022, lina wrote: Hi, Does anybody know what is the cost range to build the website for a lab? including all, basically layout is research | people | publication Thanks for your help, Does anyone know what is the cost range to build a lab? including all basically layout

Re: website

On Wed, Feb 23, 2022 at 12:50 PM wrote: > On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote: > > On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis < > nickgeova...@gmail.com> > > wrote: > > [...] > > > I should have added: > > For incremental cost, you can do things in the cloud

Re: website

On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote: > On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis > wrote: [...] > I should have added: > For incremental cost, you can do things in the cloud that are basically > impossible on your own. > For example, you can have AWS cloud

Re: website

On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis wrote: > On Wed, Feb 23, 2022 at 11:28 AM lina wrote: > >> Hi, >> >> Does anybody know what is the cost range to build the website for a lab? >> including all, >> basically layout is >> research |

Re: website

On Wed, Feb 23, 2022 at 11:28 AM lina wrote: > Hi, > > Does anybody know what is the cost range to build the website for a lab? > including all, > basically layout is > research | people | publication > Consider using cloud services for a smaller more-static website. If

Re: website

On Wed, Feb 23, 2022 at 06:28:01PM +0100, lina wrote: > Hi, > > Does anybody know what is the cost range to build the website for a lab? > including all, > > basically layout is > > research | people | publication > > Thanks for your help, $0 if you can code HTML

website

Hi, Does anybody know what is the cost range to build the website for a lab? including all, basically layout is research | people | publication Thanks for your help,

Re: release date on website with notes

> On Wed, Nov 10, 2021 at 07:08:07AM -0500, Jeremy Brown wrote: >> >> My computer has had a number of malware incidents, so I am taking extra >> precautions. This morning I got an update notification about my os. Is >> there somewhere I can get notices direc

Re: release date on website with notes

Hi Jeremy, On Wed, Nov 10, 2021 at 07:08:07AM -0500, Jeremy Brown wrote: > > My computer has had a number of malware incidents, so I am taking extra > precautions. This morning I got an update notification about my os. Is > there somewhere I can get notices directly from the de

Client-side vs. server-side Website processing (was Re: PC fan getting very loud because of CPU load)

On 2021-05-08 at 16:47, Bret Busby wrote: > I think this goes to the issue of client side processing, as opposed > to server side processing ( I believe, and, argue, that all > processing involved with web sites, should be server side, if the web > sites are competently and benignly written, and

Re: Buster Apache php website in other lang than os

On 4/20/2021 1:15 PM, IL Ka wrote: What do I need to do in Apache and in PHP for it to properly render the language the website is written in? Do I need to generate the locales for the desired languages? Do I need to also do something in Apache? Just write your document and save it in utf

Re: Buster Apache php website in other lang than os

> > > What do I need to do in Apache and in PHP for it to properly render the > language the website is written in? > > Do I need to generate the locales for the desired languages? > Do I need to also do something in Apache? > Just write your document and save it in u

Buster Apache php website in other lang than os

Hello all, I'm playing with Apache2 and php. I'm making a website in an other language than the one Debian Buster is using. That is, Buster is in English but the website is written in Duch or any other language then English. What do I need to do in Apache and in PHP for it to properly render

Re: website permissions and ownership

hese users had SFTP > access only, which would prevent them being used. > > Any thoughts? > I like some of the ideas, mentioned by others, including SELinux issues. But, for a High Security Website, I prefer Lighttpd over Apache2 and, especially WordPress. Am I mostly on the right track? > Mostly. > > Thanks, > Richard > Kenneth Parker

Re: website permissions and ownership

modifications to specific files or directories. SELinux makes you think about what is important to you and what you think should be alterable on your website. Getting back to my staging scenario, you start with default SELinux rules completely restricting web server write access to content. You'd

Re: website permissions and ownership

. SELinux makes you think about what is important to you and what you think should be alterable on your website. Getting back to my staging scenario, you start with default SELinux rules completely restricting web server write access to content. You'd have another set of SELinux rules

Re: website permissions and ownership

iner, which is where I run this. Would SELinux work there? SELinux, from what I can see, seems more complex to learn than AppArmor. To accomodate other users I suggest you set up staging areas where they can upload content that you periodically sync to the website using a privileged process. This

Re: website permissions and ownership

. Would SELinux work there? SELinux, from what I can see, seems more complex to learn than AppArmor. To accomodate other users I suggest you set up staging areas where they can upload content that you periodically sync to the website using a privileged process. This means you don't have to give any rights

Re: website permissions and ownership

is important to you and what you think should be alterable on your website. Getting back to my staging scenario, you start with default SELinux rules completely restricting web server write access to content. You'd have another set of SELinux rules that allow some other process to make changes

Re: website permissions and ownership

there? SELinux, from what I can see, seems more complex to learn than AppArmor. To accomodate other users I suggest you set up staging areas where they can upload content that you periodically sync to the website using a privileged process. This means you don't have to give any rights to use

Re: website permissions and ownership

s pretty O.K. Though I personally also use SELinux for web facing services. To accomodate other users I suggest you set up staging areas where they can upload content that you periodically sync to the website using a privileged process. This means you don't have to give any rights to use

website permissions and ownership

Hi all, I'm reviewing how I set up websites (mostly Wordpress at the moment), and would like other opinions on what I'm planning is sane. My plan is to have a user eg "mysite" that owns all/most of the standard files and directories. The webserver (actually php-fpm) would run as

Re: Nieuwe website

On Thu, Dec 17, 2020 at 03:12:39PM +0100, Koen Wybo wrote: > Op 17/12/2020 om 14:08 schreef Paul van der Vlis: > > Ik zie dat Debian een nieuwe website heeft. > > Mooi! > > > > https://www.debian.org/ > > > > > Inderdaad: heel mooi. Visueel direct t

Re: Nieuwe website

Op 17/12/2020 om 14:08 schreef Paul van der Vlis: Ik zie dat Debian een nieuwe website heeft. Mooi! https://www.debian.org/ Inderdaad: heel mooi. Visueel direct to the point: zowel de gemeenschap als de software is belangrijk.

Nieuwe website

Ik zie dat Debian een nieuwe website heeft. Mooi! https://www.debian.org/ -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/

Re: Is there any tool in debian which helps us find what cdn does a website use ?

Hello, On Sat, Jan 04, 2020 at 10:50:54AM +, shirish शिरीष wrote: > I am interested to know if there is any other tool besides dig and > delv, something like perhaps cdnfinder [6] which will make it more > interesting to find things ? Can't you just traceroute or mtr to the site in question

Re: Is there any tool in debian which helps us find what cdn does a website use ?

at bottom :- On 04/01/2020, shirish शिरीष wrote: > Dear all, > > I was trying to download videos of a site where I came across an > openssl bug on the server side. While I have contacted the maintainers > of the site and hopefully they will fix it, They use CDN [1] . Which > turned my attention

Re: Is there any tool in debian which helps us find what cdn does a website use ?

On Sat, 2020-01-04 at 10:50 +, shirish शिरीष wrote: > it seems bind [5] will replace bind9-host at some point > in the future. How do you reach the above conclusion after reading the SE article you linked earlier? -Jim P.

Is there any tool in debian which helps us find what cdn does a website use ?

Dear all, I was trying to download videos of a site where I came across an openssl bug on the server side. While I have contacted the maintainers of the site and hopefully they will fix it, They use CDN [1] . Which turned my attention to finding about sites and finding about sites which do use

debian.org - Website Revamp

Hello, I hope you are doing good! I just wanted to check if you have any plans for Website Revamp for ( www.debian.org). The existing website was created long back and the style (UI/UX), web technology like responsive structure, CMS platform etc have upgraded. Please let me know if we can

Re: Nodejs and Harp static website generator

On Sat, Oct 12, 2019 at 15:51 Tom Browder wrote: > Has anyone on this list had any experience with Harp (https://harpjs.com)? > > I am having trouble getting it re-installed and not getting much help from > the developer. > SUCESS (sort of) I found a hack that works and have put the fix in the

Re: Nodejs and Harp static website generator

On Sat, Oct 12, 2019 at 03:51:30PM -0500, Tom Browder wrote: Has anyone on this list had any experience with Harp (https://harpjs.com)? I am having trouble getting it re-installed and not getting much help from the developer. Alternatively, can anyone recommend a suitable substitute for it.

Re: Nodejs and Harp static website generator

Tom Browder wrote: > Has anyone on this list had any experience with Harp (https://harpjs.com)? > > I am having trouble getting it re-installed and not getting much help from > the developer. > > Alternatively, can anyone recommend a suitable substitute for it. I don't know much about harpjs,

Nodejs and Harp static website generator

Has anyone on this list had any experience with Harp (https://harpjs.com)? I am having trouble getting it re-installed and not getting much help from the developer. Alternatively, can anyone recommend a suitable substitute for it. Thanks for any help or suggestions. Warm regards, -Tom

PostNL website, inloggen zakelijk

helpt niet. Heb het doorgegeven aan PostNL. Ben bang dat het te maken heeft met de ESR versie. Ze hebben een nieuwe website. Chromium doet het wel. Groeten, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/

Strategies for Website : kangry.com

Hi kangry.com Team, It’s my Pleasure to get in touch with you. Drive sales have become a tough job these days for any organization, when a website is handled by inexperienced Team. We would like to inform you, the services provided by us for maintaining and promoting your website are been

Re: POLL Do you want RTX? Cross-website-post.

On 15/02/19 3:53 PM, David Niklas wrote: > Hello, > I heard from 1 of the people that do HW reviews that AMD was considering > implementing their very own RTX and looking at what people think of RTX. > I created a poll on LQ: > https://www.linuxquestions.org/questions/showthread.php?p=5962219 >

POLL Do you want RTX? Cross-website-post.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, I heard from 1 of the people that do HW reviews that AMD was considering implementing their very own RTX and looking at what people think of RTX. I created a poll on LQ: https://www.linuxquestions.org/questions/showthread.php?p=5962219 and in

Need A Website

Hi, I am Kalyani, from India. We are a team of 60+ IT professionals with expertise in: - Website Designing, Web development, PHP development, E-commerce Solutions, WordPress, Magento, Joomla Development, Responsive designs, OS Commerce Solutions, M-Commerce Solutions, and Mobile

Re: Firefox not displaying text on website(s)

On 11/16, Sridhar M A wrote: Yesterday when I updated my system, I got firefox 57. It does appear to work faster. But, I noticed that the sites I frequent, do not display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed $HOME/.mozilla and checked again. Same problem :-( The

Re: Firefox not displaying text on website(s)

On Thu, Nov 16, 2017 at 8:44 PM, Vincent Lefevre wrote: > > Note that in the interface, the text is visible. So, it doesn't > seem to be an external font issue. I suggest that you try the > "Inspect Element" feature. It can give information about the > fonts. Checked the font

Re: Firefox not displaying text on website(s)

On 2017-11-16 10:28:38 +0530, Sridhar M A wrote: > Yesterday when I updated my system, I got firefox 57. It does appear > to work faster. But, I noticed that the sites I frequent, do not > display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed > $HOME/.mozilla and checked again.

Re: Firefox not displaying text on website(s)

On 11/15/2017 08:58 PM, Sridhar M A wrote: Yesterday when I updated my system, I got firefox 57. It does appear to work faster. But, I noticed that the sites I frequent, do not display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed $HOME/.mozilla and checked again. Same problem

Re: Firefox not displaying text on website(s)

On 16.11.2017 18:03, Greg Wooledge wrote: > On Thu, Nov 16, 2017 at 03:51:10PM +0500, Alexander V. Makartsev wrote: >>     $ for f in [sans sans-serif serif monospace];do fc-match $f;done > Just for the record, you do not want those square brackets. Not in > bash or any other Bourne-family shell,

Re: Firefox not displaying text on website(s)

On Thu, Nov 16, 2017 at 03:51:10PM +0500, Alexander V. Makartsev wrote: >     $ for f in [sans sans-serif serif monospace];do fc-match $f;done Just for the record, you do not want those square brackets. Not in bash or any other Bourne-family shell, at least.

Re: Firefox not displaying text on website(s)

On Thu, Nov 16, 2017 at 4:21 PM, Alexander V. Makartsev wrote: > Have you checked font settings in Firefox? I started with a clean $HOME/.mozilla so that system-wide defaults would be used. Problem exists. Checked the font list and set fonts specifically. Same problem. >

Re: Firefox not displaying text on website(s)

On Thu, Nov 16, 2017 at 1:36 PM, Jeroen Mathon wrote: > Does the same problem appear when using an older version of firefox? > As I had written, it was working fine with the old version. -- Sridhar M. A.

Re: Firefox not displaying text on website(s)

On 16.11.2017 09:58, Sridhar M A wrote: > Yesterday when I updated my system, I got firefox 57. It does appear > to work faster. But, I noticed that the sites I frequent, do not > display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed > $HOME/.mozilla and checked again. Same problem

Re: Firefox not displaying text on website(s)

Does the same problem appear when using an older version of firefox? On 11/16/2017 05:58 AM, Sridhar M A wrote: > Yesterday when I updated my system, I got firefox 57. It does appear > to work faster. But, I noticed that the sites I frequent, do not > display the text: distrocwatch.com,

Firefox not displaying text on website(s)

Yesterday when I updated my system, I got firefox 57. It does appear to work faster. But, I noticed that the sites I frequent, do not display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed $HOME/.mozilla and checked again. Same problem :-( The screenshots can be seen here:

Website Design/Development & Online Marketing Firm located in INDIA

Dear Sir/Ma’am, Greetings for the Day!! We are a Website Design/Development & Online Marketing Firm located in INDIA; we provide fast, high quality Website Design & Development services as well as Full Custom Design and Development solutions for a variety of CMS and E-Commerce platforms

PSD To Conversion | CMS Website Design | Responsive Website Design | Ecommerce Website

sion 5.) Magento Conversion 2.  Responsive Website Design 3.      CMS Website Design 1.) Word Press Theme Design & Customization 2.) Custom themes, Plugging & Widget Development 3.) Word Press CMS Configuration, Development, Customization 4.) Word Press Installation & Maint

A Proposal For Your Business Website to rank on Google

Hello, I am Rajendra bsending you a proposal regarding the optimization of your business website in Google. Hence I would like to offer my strategy and plan of action designed to rank your website on 1st page when ever searched by someone from your area.. 1. Keywords Analysis & Resear

Website của bạn chưa thu hút nhiều khách hàng liên hệ....

Chào listn, mình nhận thấy website của bạn có nội dung rất tốt so với các website khác. Nhưng người ta liên hệ với bạn khá ít... Nên mình muốn hỏi bạn có muốn gắn một hộp chát vào trang web của bạn ko ??? Hộp chát là cửa sổ nhỏ sẽ hiện ở góc của trang web giống như trang uhChat .net vậy, giúp

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On Wed 24 Feb 2016 at 10:58:56 (+0100), Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > > Well, md5 beats md4 > > There is something wrong in your library. Thanks for your misplaced confidence in me. It was my timing that wasn't rigorous enough. Cheers, David.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Hi, Henrique de Moraes Holschuh wrote: > MD5 alone can be somewhat dangerous even in benevolent environments: if the > data sets are large enough or you are just unlucky, The size of the data set does not matter much. As already stated, there is the Pidgeon Hole Principle, which tells us that a

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 02/25/2016 03:07 PM, Stefan Monnier wrote: >> MD5 alone can be somewhat dangerous even in benevolent environments: if the >> data sets are large enough or you are just unlucky, you are going to hit a >> colision and corrupt-or-lose-data-on-dedup sooner or later. > > [G]it doesn't seem worried

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

>> MD5 alone can be somewhat dangerous even in benevolent environments: if the >> data sets are large enough or you are just unlucky, you are going to hit a >> colision and corrupt-or-lose-data-on-dedup sooner or later. > it doesn't seem worried about this. Admittedly, they use sha1 rather ^ G

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

> MD5 alone can be somewhat dangerous even in benevolent environments: if the > data sets are large enough or you are just unlucky, you are going to hit a > colision and corrupt-or-lose-data-on-dedup sooner or later. it doesn't seem worried about this. Admittedly, they use sha1 rather than md5,

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On Tue, 23 Feb 2016, David Wright wrote: > 1) I do what fdupes does, ie identify files (in a benevolent >environment) using the MD5 signature to detect duplicate >contents. MD5 alone can be somewhat dangerous even in benevolent environments: if the data sets are large enough or you are

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 23/02/16 05:50, Thomas Schmitt wrote: > But my curiosity is about whether i indirectly helped the hackers. Technology is just that, technology. With the exception of land mines, it mostly is neither good nor bad itself, it's how it's used, and many tools can be used for both. Software is no

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 02/24/2016 01:48 PM, Nicolas George wrote: > Le sextidi 6 ventôse, an CCXXIV, Christian Seiler a écrit : >> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a >> digital signature. > > Please stop commenting the finger when I try to show you the moon. The problem is that you

OT: ownership of Mega.co.nz (was Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System)

On Thu, Feb 25, 2016 at 12:18:40AM +1100, Andrew McGlashan wrote: > https://en.wikipedia.org/wiki/Mega_%28service%29 > > "In July 2015, Dotcom said he doesn't trust Mega service in a Q > session with tech website Slashdot, claims the company had "suffered > from a host

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

to current ownership > > Now is this what his public relations adviser told him to say ? https://en.wikipedia.org/wiki/Mega_%28service%29 "In July 2015, Dotcom said he doesn't trust Mega service in a Q session with tech website Slashdot, claims the company had "suffered from a hostil

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, Feb 24, 2016 at 01:47:57PM +0100, Thomas Schmitt wrote: > Hi, [...] > A large file emerges in ~/Desktop. (I am wearing my garlic necklace now, > spraying holy water, and looking up witch signs in the Malleus Maleficarum.) A nice and

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le sextidi 6 ventôse, an CCXXIV, Christian Seiler a écrit : > Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a > digital signature. Please stop commenting the finger when I try to show you the moon. I was not saying that HMAC are useful for digital signatures, I was giving

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Hi, an interesting detail in advance: It does not boot from USB stick. Too dumb for that. >From DVD it boots only via BIOS or EFI BIOS emulation, not via generic EFI. I wrote: > > ... google ... Kim Schmitz ... rofl ... i am not that curious. Andrew McGlashan wrote: > Actually he doesn't run

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

>> So a valid way to construct an OpenPGP v4 signature would be to >> use >> >> H(contents || 0x04 0x00 0x01 0x08 0x00 0x00) >> >> as the input for the RSA algorithm (and then pack that up in a >> nice OpenPGP packet). > > I did not have the reference of what OpenPGP does near at hand, I was

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 24/02/16 22:50, Nicolas George wrote: > Le sextidi 6 ventôse, an CCXXIV, Richard Hector a écrit : >> Fair enough. Got a link to someone else's explanation? > > Sorry, I do not. But I gave a rather lengthy explanation myself in > the part you trimmed. Oh, ok. I assumed from your comment about

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > Well, md5 beats md4 There is something wrong in your library. Regards, -- Nicolas George signature.asc Description: Digital signature

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit : > But if you say what Debian is doing is a mistake, then this _is_ what > you are talking about. I am quite sure of what I am talking about and what I am not talking about. > This is decisively not true when we are talking about

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le sextidi 6 ventôse, an CCXXIV, Richard Hector a écrit : > Fair enough. Got a link to someone else's explanation? Sorry, I do not. But I gave a rather lengthy explanation myself in the part you trimmed. Regards, -- Nicolas George signature.asc Description: Digital signature

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 24/02/16 07:52, Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit : >> > You have _emphasized_ it, but you haven't _explained_ it, nor provided >> > any search term one could use to look up an explanation for it. > Explaining takes time, I do not want to do it

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

o check trust are described fairly well at the Tails website (of the Tor project). They have sigs from Debian devs and others, if you trust those devs, then you are a long way towards trusting the fingerprint and then you should be able to trust the signature. https://tails.boum.org/doc/get/trust

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 23/02/2016 9:50 AM, Thomas Schmitt wrote: > Hi, > > Sven Hartge wrote: >> You cannot wget a mega.nz URL. You have to use a Javascript-enabled >> Browser to get the file. > > Shall i really enable insecure Javascript to download a malicious ISO ? > > ... google ... Kim Schmitz ... rofl ...

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On Tue 23 Feb 2016 at 16:58:38 (+0100), Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > > 1) I do what fdupes does, ie identify files (in a benevolent > >environment) using the MD5 signature to detect duplicate > >contents. > > You did not specify the

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 02/23/2016 07:52 PM, Nicolas George wrote: > What you quote is about signing a summary of files at once versus signing > each file individually. This is not what I was talking about. What I was > talking about was signing the file contents itself versus signing the hash > of the file. But if

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit : > You have _emphasized_ it, but you haven't _explained_ it, nor provided > any search term one could use to look up an explanation for it. Explaining takes time, I do not want to do it if nobody will read it. > Why is what Debian does

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 02/23/2016 04:49 PM, Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : >> If the SHA512SUMS.sign > > Stop right there. Signing a bunch of hashes is a beginner's mistake, I have > already emphasized that in this thread. You have _emphasized_ it, but you haven't

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : > You have unsurpassable objections against variants which might not > much weaken the strength of PGP ? > Not even willing to consider the constraints of such variants ? I have no idea what you are trying to express. > Despite leading

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

> The collisions are not known, and very unlikely, but "absolute" means > absolute, not "very likely". from the way you stated: > These are all cryptographic hash functions: too strong for a preliminary > test, insufficient for absolute certainty. I understood you suggest there is a relevant

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, arian a écrit : > where do you get that these are "insufficient for absolute certainty"? > (beside maybe md4) > there are no known collisions in sha1 and better, and even md4's preimage > attack has complexity 2^102. [1,2] There are collisions for SHA1 as soon as

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Hi, Nicolas George wrote: > Signing a bunch of hashes is a beginner's mistake, You have unsurpassable objections against variants which might not much weaken the strength of PGP ? Not even willing to consider the constraints of such variants ? I assume this was discussed among DDs and they

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

> and even md4's preimage attack has complexity 2^102. [1,2] sorry, forgot the quotes: [1] https://en.wikipedia.org/wiki/Preimage_attack [2] https://en.wikipedia.org/wiki/MD4#Security signature.asc Description: OpenPGP digital signature

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

> These are all cryptographic hash functions: too strong for a preliminary > test, insufficient for absolute certainty. where do you get that these are "insufficient for absolute certainty"? (beside maybe md4) there are no known collisions in sha1 and better, and even md4's preimage attack has

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Seeker a écrit : > If you take security out of the equation, simple true or false. > > 1. A corrupted download is better able to be detected when using MD5 than it > is with CRC32. > > 2. A corrupted download is better able to be detected when using SHA than it

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On 2/23/2016 3:08 AM, Nicolas George wrote: Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : The ISO checksums are provided more for transport verification than for the fight against intentional mainpulation. If that were true, CRC32 would be enough. Is that a 'Law of averages'

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > 1) I do what fdupes does, ie identify files (in a benevolent >environment) using the MD5 signature to detect duplicate >contents. You did not specify the average size of files nor how sure you want to be. If the files are large,

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On Tue 23 Feb 2016 at 16:04:37 (+0100), Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > > Any faster ones that you recommend from the lists below? (I've rolled > > my own implementation of fdupes (which uses MD5) in python.) > > Nobody can recommend anything

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : > Only as far as use cases for Debian ISO image hashs are concerned. > No hash collisions among all Debian ISOs (or better all ISOs in the > world) is a valuable property. ??? I have no idea what you are talking about. > If the

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Hi, Nicolas George wrote: > > You are changing the terms of the problem at each messages, Only as far as use cases for Debian ISO image hashs are concerned. No hash collisions among all Debian ISOs (or better all ISOs in the world) is a valuable property. i wrote: > > > I could imagine that

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit : > Any faster ones that you recommend from the lists below? (I've rolled > my own implementation of fdupes (which uses MD5) in python.) Nobody can recommend anything without knowing the intended use. Regards, -- Nicolas George

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

On Tue 23 Feb 2016 at 13:15:38 (+0100), Nicolas George wrote: > Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : > > i wrote: > > > > The ISO checksums are provided more for transport verification than > > > > for the fight against intentional mainpulation. > > > Nicolas George wrote: >

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : > i have to revoke some of my criticism towards Debian's signed > hash value lists. > Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of > uniqueness (assumed that they have no systematic correlations). This is irrelevant.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit : > i wrote: > > > The ISO checksums are provided more for transport verification than > > > for the fight against intentional mainpulation. > Nicolas George wrote: > > If that were true, CRC32 would be enough. > For detecting most

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Hi, i wrote: > > The ISO checksums are provided more for transport verification than > > for the fight against intentional mainpulation. Nicolas George wrote: > If that were true, CRC32 would be enough. For detecting most glitches, yes. But not if we want to use it for identifying files in

  1   2   3   4   5   6   7   8   >