[liberationtech] secure download tool - doesn't exist?!?
Griffin Boyce
griffinboyce at gmail.com
Mon Jul 1 14:59:21 PDT 2013
On Jul 1, 2013 5:02 PM, "Eleanor Saitta" <ella at dymaxion.org> wrote:
> This, of course, is a global problem everywhere. A secure channel
> requires a shared secret, in this case between the developers and the
> end user. How does the user get their initial OS image if it didn't
> come with their machine or they didn't buy it in a brick and mortar
> store
It's particularly devious to serve up a tampered-with PGP/GPG4win download,
given how gpg signatures are for other critical software.
~Griffin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130701/517bcba5/attachment.html>
More information about the liberationtech
mailing list