On Thu, Mar 06, 2003 at 09:21:21PM -0500, Gary MacDougall wrote:
[snip]
> This is silly to blame the FBI. I'd be far more concerned about the
> average knucklehead
> trying to do this maliciously than thinking the FBI would do it... please.
I wasn't that worried about the FBI, being Australian
On Thu, Mar 06, 2003 at 09:21:21PM -0500, Gary MacDougall wrote:
[snip]
> This is silly to blame the FBI. I'd be far more concerned about the
> average knucklehead
> trying to do this maliciously than thinking the FBI would do it... please.
I wasn't that worried about the FBI, being Australian
On Thu, Mar 06, 2003 at 09:21:21PM -0500, Gary MacDougall wrote:
> If the FBI has the power, time and energy to install a proxy between my
> router
> and my ISP to spoof a package host (i.e. security.debian.org) just to
> root my servers, then they
> are clearly a heck of lot more "geeky" than I
Andrew,
Apologies - I'm having a bad day. Ignore previous
e-mail. If I'd bothered to read the start of the
article properly I would have picked up where it
was coming from a bit better.
However, check out :
http://groups.google.com/groups?q=debian+signatures&hl=en&lr=&ie=UTF-8&selm=2001031417
If the FBI has the power, time and energy to install a proxy between my
router
and my ISP to spoof a package host (i.e. security.debian.org) just to
root my servers, then they
are clearly a heck of lot more "geeky" than I thought. Hell, why go
through that trouble,
why not just grab my traffic
Putting aside the signing of deb packages - The
article is a wee bit simplistic.
The fact that the author is stating that a win
box is not vulnerable would indicate a fairly
large gap in understanding.
If someone has root/Administrator access on a box,
they can bypass any integrity checking mech
Hi,
One of my friends sent me this URL, it's an oldie, and the topic in
general has been discussed before, but this article certainly does raise
some concerns.
http://www.astalavista.com/privacy/library/magic-lantern/fbi.shtml
Andrew
On Thu, Mar 06, 2003 at 09:21:21PM -0500, Gary MacDougall wrote:
> If the FBI has the power, time and energy to install a proxy between my
> router
> and my ISP to spoof a package host (i.e. security.debian.org) just to
> root my servers, then they
> are clearly a heck of lot more "geeky" than I
Andrew,
Apologies - I'm having a bad day. Ignore previous
e-mail. If I'd bothered to read the start of the
article properly I would have picked up where it
was coming from a bit better.
However, check out :
http://groups.google.com/groups?q=debian+signatures&hl=en&lr=&ie=UTF-8&selm=2001031417
If the FBI has the power, time and energy to install a proxy between my
router
and my ISP to spoof a package host (i.e. security.debian.org) just to
root my servers, then they
are clearly a heck of lot more "geeky" than I thought. Hell, why go
through that trouble,
why not just grab my traffic
Putting aside the signing of deb packages - The
article is a wee bit simplistic.
The fact that the author is stating that a win
box is not vulnerable would indicate a fairly
large gap in understanding.
If someone has root/Administrator access on a box,
they can bypass any integrity checking mech
Hi,
One of my friends sent me this URL, it's an oldie, and the topic in
general has been discussed before, but this article certainly does raise
some concerns.
http://www.astalavista.com/privacy/library/magic-lantern/fbi.shtml
Andrew
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subj
On Thu, Mar 06, 2003 at 11:17:07AM -0300, Gustavo Franco wrote:
> Hi jfs,
Hi there.
>
> What's the relationship between these nessus 2.0 packages and the nessus
> 2.0.1 packages[1] of Josip Rodin at the experimental release?
>
These packages are not Josip's :-) (the packages pag
On Thu, Mar 06, 2003 at 11:17:07AM -0300, Gustavo Franco wrote:
> Hi jfs,
Hi there.
>
> What's the relationship between these nessus 2.0 packages and the nessus
> 2.0.1 packages[1] of Josip Rodin at the experimental release?
>
These packages are not Josip's :-) (the packages pag
On Tue, 2003-02-25 at 08:17, Javier Fernández-Sanguino Peña wrote:
> For those of you who are not aware of it: Nessus 2.0.0 has been released
> just today [1]. I've bugged Joy about this (Bug# 182411) but in order to
> make his (and my) life easier I've made new 2.0.0 packages for Nessus (i386
> on
On Tue, 2003-02-25 at 08:17, Javier Fernández-Sanguino Peña wrote:
> For those of you who are not aware of it: Nessus 2.0.0 has been released
> just today [1]. I've bugged Joy about this (Bug# 182411) but in order to
> make his (and my) life easier I've made new 2.0.0 packages for Nessus (i386
> on
Rich Puhek schrieb:
Jeremy T. Bouse wrote:
It's been discussed plenty on the Debian mailing lists as well
as having the package maintainer give an update on the status of the
packages that are being prepared/ready at this time... Might suggest
checking a bit further before making such a
Rich Puhek schrieb:
Jeremy T. Bouse wrote:
It's been discussed plenty on the Debian mailing lists as well
as having the package maintainer give an update on the status of the
packages that are being prepared/ready at this time... Might suggest
checking a bit further before making such a ras
if you build your own packages *from debian sources*, just get the
appropriate source tree. This apply for the kernel as well.
JeF
On Tue, 2003-03-04 at 14:10, Kynn Jones wrote:
>
>
>
>
>
> apt-get update/upgrade is good enough for me as a way to keep up with
> security updates at the binary
if you build your own packages *from debian sources*, just get the
appropriate source tree. This apply for the kernel as well.
JeF
On Tue, 2003-03-04 at 14:10, Kynn Jones wrote:
>
>
>
>
>
> apt-get update/upgrade is good enough for me as a way to keep up with
> security updates at the binary
20 matches
Mail list logo