[Ta3m-Seattle] APT default transport NOT safe from sniffing
Andrew Kane
akane at freegeekseattle.org
Mon Jan 25 15:53:50 CET 2016
At the most recent meeting on Monday January 18 I stated that Debian's
APT package manager was not subject to sniffing. I was wrong about this.
From the output of `apt show apt-transport-tor`:
"
APT already includes mechanisms for guaranteeing the authenticity of the
packages you download. However, an adversary sniffing your network traffic
can still see what software you are installing.
"
I apologize for the bad information. I misunderstood the way APT works.
I stand by my comments about APT proxies: if you administer multiple
Debian boxen, please use one or set up a local mirror. You'll be glad
you did!
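An added example, not part of the original message: a small Python audit of one-line-style sources.list entries that reports which transports let a network observer read the package names being requested. The sample file, the host names and the scheme classification are assumptions made for this illustration.

```python
import re

# Constructed sample in one-line sources.list format (hosts are placeholders).
SAMPLE = """\
# /etc/apt/sources.list (constructed)
deb http://mirror.example.org/debian stable main
deb [arch=amd64] https://mirror.example.org/debian stable main
deb tor+http://placeholder.onion/debian stable main  # apt-transport-tor
deb file:/srv/mirror/debian stable main
deb-src ftp://mirror.example.org/debian stable main
"""

# Assumed classification: can a passive observer on the network path read
# the package file names being requested? Package authenticity is a separate
# property and is not assessed here.
VERDICTS = {
    "http": "cleartext", "ftp": "cleartext",
    "https": "encrypted", "tor+http": "encrypted", "tor+https": "encrypted",
    "file": "local", "cdrom": "local", "copy": "local",
}


def parse_sources(text):
    """Yield (line_number, uri) for each deb/deb-src entry."""
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0]                       # strip comments
        line = re.sub(r"\[[^\]]*\]", " ", line, count=1)  # drop [options]
        fields = line.split()
        if len(fields) >= 3 and fields[0] in ("deb", "deb-src"):
            yield number, fields[1]


def audit(text):
    """Return (line_number, uri, verdict) for every source entry."""
    results = []
    for number, uri in parse_sources(text):
        scheme = uri.split(":", 1)[0].lower()
        results.append((number, uri, VERDICTS.get(scheme, "unknown")))
    return results


def cleartext_lines(text):
    """Line numbers of entries whose requests travel unencrypted."""
    return [n for n, _, verdict in audit(text) if verdict == "cleartext"]


if __name__ == "__main__":
    for number, uri, verdict in audit(SAMPLE):
        print(f"line {number}: {verdict:9} {uri}")
```

Even for entries marked encrypted, an observer can still see which mirror host the machine connects to.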