On 2012-04-26 at 00:18:39 -0700, Mike Thompson wrote: > My thoughts were to not include the installation of the official Debian > repository public keys on the Raspberry Pi, but only include the keys for > the alternative Debian armhf repository that contains packages safe for the > Raspberry Pi. This wouldn't prevent someone from installing the official > keys on their own, but it would at least present a barrier the user would > have to intentionally pass over.
In the various LUG mailig lists I'm subscribed to I've often seen people ignoring the unsigned packages warning with a joyful "click ok and don't worry about it" attitude. I'm afraid that the fact that usually nothing bad happens means that the user won't expect this to be a sufficient warning that the system is going to get seriously broken. -- Elena ``of Valhalla''
signature.asc
Description: Digital signature
