It is possible that something slipped into Debian at the distribution level, but someone would have found it by now, using Ethereal, firewall logs, etc.
Mike
Mike M wrote:
I just read an article about spyware. I googled "linux spyware" and
that people think Linux is immune. That got me to thinking about the
chain of trust I subscribe to in using Debian. For example, I use
mutt. What if the upstream developer installed spyware? Do I trust the Debian package maintainer to review the code and alert the
community to the problem? I can't spend my time reading source for
every package I use.
THe only solution I can think of is to use a live-cd like Knoppix to do critical and sensitive tasks like financial transactions.
Anybody else thought about this?
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
