Archives
Archives
| From: | "Vadim A. Misbakh-Soloviov" <mva@×××.name> | ||
|---|---|---|---|
| To: | gentoo-dev@l.g.o | ||
| Subject: | Re: [gentoo-dev] Current Gentoo Git setup / man-in-the-middle attacks | ||
| Date: | Sun, 29 Mar 2015 18:06:25 | ||
| Message-Id: | 1928601.DYGons7kRx@note | ||
| In Reply to: | Re: [gentoo-dev] Current Gentoo Git setup / man-in-the-middle attacks by Sebastian Pipping |
||
| 1 | > |
| 2 | > They would not do online banking over http, right? Why would they run |
| 3 | > code with root privileges from http? |
| 4 | |
| 5 | 1) Actually, they will :( |
| 6 | 2) Because they can't review what bank received via insecure channel, while |
| 7 | they can review what they're themselves received via http/git. |
| 8 | |
| 9 | -- |
| 10 | Best regards, |
| 11 | mva |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |