On Tue, Jun 25, 2024 at 10:47:34AM +0200, Vitaly Zaitsev via devel wrote: > On 24/06/2024 23:38, Gary Buhrmaster wrote: > > As I recall from a previous query, there are > > (around) 90 active proven packagers (and > > ~250 total who were in the PP group). > > I think most privacy/security focused developers/maintainers won't plug USB > tokens they get from random people on the Internet into their PC/laptop > because it could be a BadUSB or something even worse. > > The most common attack is when an attacker plants USB devices near the > office of the company they want to attack. Connecting such devices is > completely NO-GO. > I still cringe thinking of the Google Titan keys that's on every seat for the keynote of OSSNA 2023.
Best, -- _o) Michel Lind _( ) identities: https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2
signature.asc
Description: PGP signature
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
