Overview of all pages with the tag #Distribution, such as: Distribution in Depth: Mirrors as a Source of Resiliency| Guardian Project
Overview of all pages with the tag #Debian, such as: Debian over HTTPS| Guardian Project
Overview of all pages with the tag #Tor, such as: Arti, next-gen Tor on mobile| Guardian Project
There is a new vulnerability in Debian’s apt that allows anything that can Man-in-the-Middle (MITM) your traffic to get root on your Debian/Ubuntu/etc boxes. Using encrypted connections for downloading updates, like HTTPS or Tor Onion Services, reduces this vulnerability to requiring root on the mirror server in order to exploit it. That is a drastic reduction in exposure. We have been pushing for this since 2014, and Debian, mirror operators, and others in the ecosystem have taken some big...| Guardian Project