|
|
|
|
|
|
by dcbadacd
2706 days ago
|
|
|
They use 1024bit DSA with SHA1, it is not cryptographically secure! Thus they would really benefit from HTTPS, it would provide another layer of protection against tampering. Oh and we haven't even addressed that their "secure signing" doesn't also protect first installs that could be insecurely downloaded. |
|
|
Egypt or Turkey can issue valid fake certificates so you would have to check it if it's not one of those.