[pacman-dev] [ Package Signing ] Your signature please
Alf Gaida
info at g-com.eu
Sat Feb 19 14:05:42 EST 2011
>Yeah! Archers deserve to die!
>
>But really I'm not convinced by this hyper-paranoia trash.
>There will always be ways to compromise your machine. Someone who would
>go through the trouble of setting up a proxy mirror and injecting
>malicious code into seemingly normal packages is probably going to find
>other ways. Package signing will not protect you.
>
>You will never be safe.
>The truth is out there.
This is opensource - if you would create real trouble, just help with kernel-
modules. ;) The only difference is, in other distributions these errors came
through your system signed.
Why hacking, when simple development is so easy?
More information about the pacman-dev
mailing list