Re: dpkg MD5

2024-11-07 Thread Jonathan Hutchins
On 2024-11-07 15:45, David Campbell wrote:
> To whom it may concern, dpkg currently uses MD5 to verify packages, but MD5 is considered insecure, why not switch to SHA256 (and also update lintian)?

Do you have any evidence that there has been an attempt to post bogus packages to the official mir

Re: How to get 100% secure debian system?

2023-01-22 Thread Jonathan Hutchins
The only way to achieve 100% security is to totally disconnect the computer, including any power connection. You are still vulnerable to physical attacks, so for total security destroy all of the components. -- Jonathan

Re: What is the best free HIDS for Debian

2022-05-03 Thread Jonathan Hutchins
With that many errors from that many different programs it strongly suggests that there is a problem with your filesystem, possibly an existing infection. When testing for intrusion on a system that has been running with a live connection, it's necessary to test from an inviolate source, an IS

Re: GPG verification of apt packages

2021-01-27 Thread Jonathan Hutchins
If this were an actual problem thousands of people would be having it. Trust the force. -- Jonathan

Re: package for security advice

2020-03-07 Thread Jonathan Hutchins
I would suggest that the effort you're asking for is already going into Debian itself, and that together the maintainers deliver a system that is a reasonable compromise between security and convenience for a general use personal computer. People who want to go beyond that and offer a public

Re: package for security advice

2020-03-07 Thread Jonathan Hutchins
The only way to achieve real security is through knowledge. Pressing a shiny automated button is just going to implement what somebody else thinks is good for the system they assume you're running. Find the security websites, podcasts, newsletters, books. Learn what you really need to do for

Re: Two HDD on Desktop PC

2019-08-04 Thread Jonathan Hutchins
On 2019-08-04 15:27, Richard Owlett wrote: On 08/04/2019 02:55 PM, *MORON* GM1 wrote: RTFM. Could not be bothered giving useful reply Seriously, reading the documentation is a necessary recommendation. It would have been useful to suggest WHAT documentation. I think the suggestion of enc

Re: Questions

2018-12-04 Thread Jonathan Hutchins
On 2018-12-03 05:10, Jérôme Bardot wrote:
> Why is Debian not more hardened by default?

Debian's hardening is adequate for most users, who are typically behind some sort of protection such as a router/firewall. If you actually need a hardened system, it's far better for you to do the hardeni

Re: What patches/packages to install for specific bugs.

2017-11-29 Thread Jonathan Hutchins
The kernel package versions can be difficult to sort out, but anything more recent than the fix date/version will have the fix. It is usually applied to the current kernel version across all supported releases, although testing and unstable can lag behind. What I do is pretty common, aptitude upd

Re: Some Debian package upgrades are corrupting rsync "quick check" backups

2017-01-28 Thread Jonathan Hutchins
Does it occur to you that the reason for having a "testing" release is precisely so that problems like this can be found and fixed, and that this is why it's not smart to run testing on essential production machines?

Re: Security features in the upcoming release (Stretch)

2016-09-23 Thread Jonathan Hutchins
It is difficult for me to rationalize a serious concern for "security" with the idea that one should lie back and expect the packaging team to take care of it all for you. If you are concerned with security, you should be actively configuring security features yourself, not expecting that someone