[vox-tech] possible rooted system / checking md5sum on debian

[Rick Moen]

Quoting Bill Kendrick (nbs@sonic.net):

> Sean 'Shaleh' Perry from the Debian project's coming to speak in
> December.  We can hound him then. ;^)

That would be good, because he just got through talking about Debian
package distribution and security at the Internet Developers' Group
at Netscape HQ, last month.  He covers, among other things, the extent
of risk from various threat models, including a compromised downstream
package mirror such as the one UCB reportedly had.  

Grill him on it.  ;->

(That stuff in http://linuxmafia.com/~rick/linux-info/debian-package-signing 
partially reflects conversations on the subject I've had with Sean and
with Joey Hess, in the past.)

-- 
Cheers,                        My pid is Inigo Montoya.  You kill -9    
Rick Moen                      my parent process.  Prepare to vi.
rick@linuxmafia.com