[Cryptography] Kali Linux security is a joke!
simon+metzdowd at bleah.co.uk
Wed Mar 18 17:33:09 EDT 2015
On 17 March 2015 19:31:17 GMT+00:00, Alfie John <alfiej at fastmail.fm> wrote:
>On Wed, Mar 18, 2015, at 05:32 AM, Viktor Dukhovni wrote:
>> I would take some time to study the "apt" security model. It is not
>> perfect, but the use of http is not a significant problem.
>An issue with HTTP for apt is information leak. People listening on the
>wire will know what software you're installing on machines.
I would still say that is a minor issue, but if you really are concerned about the lack of transport security, find a HTTPS mirror and see where the apt-transport-https package gets you. If it's not secure enough, well it's free software, file bugs and, if you are able, provide patches.
More information about the cryptography