On Wed, 2016-05-25 at 17:02 -0500, Chris Bennett wrote:
> Get the SHA256.sig from a different server than the install files, after
> all, using just one server could be a problem if it is compromised.
>
> And face the reality of things:
>
> 1. The small bad guys. They can put up compromised install files and sig
> files. They laugh at the damage they did to you. Jajaja.
>
> 2. The worse bad guys. Your actual network from your ISP is compromised
> and you get compromised data. Period.
>
> 3. The worst bad guys. The ones you have no protection against under any
> circumstances. These are the people who have physical access to your
> computer. The manufacturers. They can install compromised chips to the
> motherboard, etc.
>
> You just have to accept that you can't have perfect security. Just beat
> the first step and live with the other threats.
> # 2 and 3 have already been compromised. Just don't put any of
> your really evil secrets on your computer. Pencil and paper?
>
> Don't worry and be happy!
>
> Chris Bennett
>
#1 and #2 would be covered if MITM-safe verification was in place. #3 would have major inconveniences at least. By the same reasoning, you don't really need security fixes and countermeasures either. So much for the security-oriented OS.
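
An added example, not part of the original messages: the cross-check suggested in the quoted message (take the checksum list from a second server and compare), written in Python. The file name, image bytes and manifest copies are constructed, and the function names are hypothetical.

```python
import hashlib
import hmac
import re

# BSD-style checksum line, the format of the entries in a SHA256 / SHA256.sig file.
_ENTRY = re.compile(r"^SHA256 \(([^)]+)\) = ([0-9a-f]{64})$")

def parse_manifest(text):
    """Map file name -> hex digest; lines that are not checksum entries
    (e.g. the signature header of a .sig file) are skipped."""
    entries = {}
    for line in text.splitlines():
        m = _ENTRY.match(line.strip())
        if not m:
            continue
        name, digest = m.groups()
        # Two different digests for one name inside a single copy is an error.
        if entries.setdefault(name, digest) != digest:
            raise ValueError(f"conflicting entries for {name}")
    return entries

def disagreements(copy_a, copy_b):
    """Names missing from one copy or listed with different digests."""
    a, b = parse_manifest(copy_a), parse_manifest(copy_b)
    return sorted(n for n in a.keys() | b.keys() if a.get(n) != b.get(n))

def accept(name, data, copy_a, copy_b):
    """True only if both copies list the same digest for `name`
    and `data` hashes to that digest."""
    if name in disagreements(copy_a, copy_b):
        return False
    expected = parse_manifest(copy_a).get(name)
    if expected is None:
        return False
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected)

def entry(name, data):
    """Build one checksum line (used only for the constructed samples)."""
    return f"SHA256 ({name}) = {hashlib.sha256(data).hexdigest()}"

# Constructed sample data: a stand-in image and manifest copies from two servers.
IMAGE = b"constructed install image"
SERVER_A = "untrusted comment: constructed header\n" + entry("install.fs", IMAGE) + "\n"
SERVER_B_OK = entry("install.fs", IMAGE) + "\n"
SERVER_B_BAD = entry("install.fs", b"tampered image") + "\n"
```

Agreement between two copies only helps when the copies arrive over independent paths; checking the signature in SHA256.sig against a public key obtained out of band is what covers a tampered network path.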