Hi guys,
I just noticed the tails torrent tracker is using http. Doesn't this leave users of the tracker vulnerable to man in the middle attacks? Obviously the user can verify the sig once downloaded but if the torrent has been attacked then the sig included in the download can't necessarily be trusted and must be downloaded seperately.
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
