[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gNewSense-users] gNewSense Servers Safe
From: |
Ted Smith |
Subject: |
Re: [gNewSense-users] gNewSense Servers Safe |
Date: |
Thu, 01 Jan 2009 13:13:03 -0500 |
On Thu, 2009-01-01 at 17:49 +0800, Koh Choon Lin wrote:
> >> I noted in recent times, servers for distro like Fedora and Debian
> >> were compromised by hackers. Are there some measures taken for
> >> gNewSense after those incidents?
>
> I actually meant to ask how the servers hosting gNewSense are
> protected to insure against rootkits being inserted into the
> distribution stream.
Well, all packages are PGP-signed, the preferred distribution method of
the LiveCDs is BitTorrent (which is un-rootkitable), and the liveCD's
available for direct download are MD5sum'd (and the MD5sums are
PGP-signed).
The weakest point here is probably the MD5sums, as MD5 has been very
broken for a very long while and it would make a lot more sense to use a
less broken hash to verify authenticity.
signature.asc
Description: This is a digitally signed message part
- Re: [gNewSense-users] gNewSense Servers Safe, Koh Choon Lin, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Paul O'Malley - gnu's not unix -, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe,
Ted Smith <=
- Re: [gNewSense-users] gNewSense Servers Safe, Matthew Flaschen, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Karl Goetz, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Ted Smith, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Karl Goetz, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Matthew Flaschen, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Ted Smith, 2009/01/01
- Re: [gNewSense-users] gNewSense Servers Safe, Matthew Flaschen, 2009/01/01
- Message not available
- Re: [gNewSense-users] gNewSense Servers Safe, Ted Smith, 2009/01/02