Re: HTTPS needs to be implemented for updating

On 18/12/16 22:03, Christoph Moench-Tegeder wrote: second point requires a lot of work to resolve. Regards, Christoph Monday morning yet-to-be-caffienated thoughts... I'm going to ignore the 'inconvenience' because I think in this case that's a specious argument. I acknowledge there's a

Default root password, username/password

is morning, it's very handy for short lived VM's but that's about the only functionality that I believe it's excusable for. Is there a technical reason this 'ability' still exists? Regards, Peter Lawler. -- To UNSUBSCRIBE, email to debian-security-requ...@list

Re: NSA software in Debian

On 25/01/14 00:17, Andrew McGlashan wrote: It's virtually impossible to know one way or another, we just have to have some faith and trust (perhaps too much of one or both). FWIW, agreed. To lightly misquote a network engineering mate of mine... "Not entirely sure why anyone (unquestionably