On Wed, 02 Apr 2014 18:47:52 +0200 Nowaker <enwukaer@gmail.com> wrote:
There may be a transparent proxy in your routing chain that strips compression in order to run a virus scan.
Time for SSL-securing Arch Linux repos to prevent any sort of man-in-the-middle attacks? Even such trivial things like compression stripping, or image optimization often performed by mobile internet providers is a man-in-the-middle. This should be fought by any means.
If you are talking about mirrors, then look at https://www.archlinux.org/mirrorlist/all/https/ . At least in my experience, using tls allows to evade certain routers which redirect to a captive portal if plain http is used, but don't touch encrypted traffic (e.g. if you are in a hotel and need to install something). However, tls adds CPU overhead and is not a way to fight broken ISPs and proxies/routers. Cheers, -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D