[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Bittorrent Bleep



On 09/18/2014 20:19, grarpamp wrote:
us, or anyone really, to take you seriously you need to*at minimum*
post on your sites detailed instructions on how to reproduce the binaries
you distribute from the sources you provide. That means any and all

Binaries from the unreputable source are a security risk, and shouldn't be used. No instructions can normally lead to reproducing of the binary-equivalent files. They should distribute the code that can be rebuilt.

It is the Windows culture to directly distribute binaries. This is the vector of propagation of viruses and trojans. Additionally, such executables from SF aren't signed, and can be subject to MITM attacks like Evilgrade https://github.com/infobyte/evilgrade.

Yuri
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk