On Sat, 2016-06-04 at 10:53 +0200, jim northrop wrote: > what does this mean to the avg hacker ? do we need to fix our kit > anyway ? >
For those who download and check signatures, SHA1 and MD5 are unreliable and provide very weak confidence. I am not sure what stance Gradle, Maven, and Ant take on signature checking, do they do any signature checking at all? -- Russel. ============================================================================= Dr Russel Winder t: +44 20 7585 2200 voip: sip:russel.win...@ekiga.net 41 Buckmaster Road m: +44 7770 465 077 xmpp: rus...@winder.org.uk London SW11 1EN, UK w: www.russel.org.uk skype: russel_winder
signature.asc
Description: This is a digitally signed message part
