On Mon, Jul 09, 2012 at 09:10:59PM +0200, Andreas Kuckartz wrote: > Thanks for the suggestion to use "vagrant ssh". I am now having a close > look at the VM from inside. > > I noticed that all the repositories configured in > /etc/apt/sources.list > use http instead of https. > > I suggest to change that to reduce the threat of MITM attacks. To do that > apt-get install apt-transport-https > is required.
All repositories and their respective content are authenticated using cryptographic signatures [1]. I don't really see a reason in preventing content proxying (which is essential for fast builds) to prevent DoS attacks. [1] http://wiki.debian.org/SecureApt > I am experimenting with these and other changes. Please do! And submit patches! :) -- Ague
pgpLZjGEXI4kC.pgp
Description: PGP signature
_______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
