Summary: | [3.1] Adept does not warn if packages are unsigned/signature fails | ||
---|---|---|---|
Product: | adept | Reporter: | Scott Kitterman <kde> |
Component: | general | Assignee: | Peter Rockai <me> |
Status: | RESOLVED UNMAINTAINED | ||
Severity: | normal | CC: | adaptee |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Ubuntu | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Scott Kitterman
2008-08-15 18:15:44 UTC
The possibility of attack has been roughly the same, DNS poisoning or not. I don't think the risk is nowadays any higher than it's been a few years ago. (Really, do you know how efficient are http certificate warnings? Below 1 %, at least that's a quote from a private study evaluating man-in-the-middle attacks against https. Sad, I know. But users generally just ignore security warnings. I have no idea why, really.) Adept has been in the unmaintained state for a few years. Use muon[1] as replacement . [1] https://launchpad.net/muon |