[clug] How you know your Free or Open Source Software Project is doomed to FAIL
scudette at gmail.com
Thu Jul 30 08:31:21 UTC 2015
On 30 July 2015 at 08:38, Carlo Hamalainen <carlo at carlo-hamalainen.net> wrote:
> On 30 July 2015 4:30:40 pm AEST, James Ring <sjr at jdns.org> wrote:
>>Well, they'd have to poison the DNS and also convince one of the
>>certificate authorities trusted by wget to issue a SSL certificate
>>with Google's name on it to the attacker.
> Like this?
Of course if they can do this its game over for all software, not only
open source software and not only those that use curl | sh. Therefore
this link is not relevant to the present discussion.
More information about the linux