On Tue, 17 Feb 2015 18:03:41 -0800, Max wrote: >> Max signs a message to a mailing list with a PGP SIGNATURE and at >> the same times recommends to install from a PPA ;). SICR. I would >> install from a PPA too, with or without trusted key, but it's too >> funny that somebody who feels the need to sign messages to a list >> recommends to install from an untrusted repository. Perhaps I'm >> mistaken and kernel.ubuntu.com is a trusted Mint repository. > >Glad to bring you joy today Ralf. > >If you add the PPA https://launchpad.net/~kernel-ppa that might give >you a thin added layer of security so you know that noone has hampered >with your kernel while downloading it, because your package manager >will take care of the key exchange and verifying if I'm not mistaken. > >You still have to trust Mark Shuttleworth because you download from >the Ubuntu Server, but since you use Mint I recon you trust him anyhow >already. I'm just kidding, because it's unusal to sign messages send to a list. My explanation to build a kernel just downloaded the source from kernel.org. For those who want "security": https://www.kernel.org/category/signatures.html In the end we anyway need to trust somebody most of us don't know and regarding a current thread on a FreeBSD mailing list, the NSA's spyware is inside our HDD's firmware :D. _______________________________________________ Linux-audio-user mailing list Linux-audio-user@xxxxxxxxxxxxxxxxxxxx http://lists.linuxaudio.org/listinfo/linux-audio-user
