[clug] How you know your Free or Open Source Software Project is doomed to FAIL

James Ring sjr at jdns.org
Thu Jul 30 04:05:41 UTC 2015


Hey Scott,

On Wed, Jul 29, 2015 at 8:59 PM, Scott Ferguson
<scott.ferguson.clug at gmail.com> wrote:
> Downloading anything which is not verifiable, from a http source leaves
> you open to MiM attacks - what you subsequently download may be not what
> you think.

Please tell me what you think you mean by "verifiable". :)

https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf



More information about the linux mailing list