Tim Hortons' captive portals break apt. Do they have Tim Horton's coffee
shop in your neck of the woods?
Bryan Harris, PE
Research Engineer
Structures and Materials Evaluation Group
University of Dayton Research Institute
bryan.har...@udri.udayton.edu
http://www.udri.udayton.edu/
(937) 229-5561
The problem is that most people don't use apt at all. Their computer goes
out to see if there are updates and breaks silently. It happens without
user knowledge or intervention.
On Mar 23, 2014 6:01 AM, "Monsta" <756...@bugs.launchpad.net> wrote:
> Would be really nice if you'd fixed it before U
I see that there are http and https methods for downloading items. What if
we just removed http download of files and defaulted to https? This would
neatly guarantee that a captive portal (either broken or malicious) cannot
get away with pretending to be a download server. Assuming https is
impl
I'm willing to spend some time working on a patch.
Does anybody have an idea where in the code a syntax check should go?
Bryan Harris, PE
Research Engineer
Structures and Materials Evaluation Group
University of Dayton Research Institute
bryan.har...@udri.udayton.edu
http://www.udri.udayton.edu/
On 21/03/14 16:41, Monsta wrote:
> It's problematic for one simple reason: APT ceases to function normally
> until you remove the offending files and update the package index again.
>
Simply, it is a Denial of Service.
Quite a neat way to create a window of opportunity for so-called zero-
day vu
