On Mon, 21 Nov 2011 09:14:54 +0200, Andrei Popescu wrote: > On Du, 20 nov 11, 18:10:34, Camaleón wrote: >> >> I've never faced a security problem when installing over the network > > How can you tell? ;)
gOOd catCh. (Mmm... what happens with my keyboard? Seems like someone is typing on behalf me :-P) >> (Internet) and take no additional countermeasures but ensuring the net >> ISO checksum for the image I have downloaded is okay. >> >> A compromised mirror can hit at anytime not just when installing. > > A compromised mirror would be the least of my worries (due to > secure-apt). There have been two intrusions that are still fresh on my mind (IIRC, one was at Fedora infrastructure and the last one to the kernel servers) and I have an extra of paranoid-thinking these days... > In theory it could be possible to compromise the system during the > install, but I think the risk is quite low. Yup, I also think so. > It would probably have to be a targeted attack during a narrow window of > a non-standard system not listening to any ports (unless you > specifically activated ssh, but then you should know what you're doing). Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pan.2011.11.21.18.00...@gmail.com