by tstenner 286 days ago
Or detected easily with package builders like Arch Linux's makepkg that ship a hash along with the source URL. As soon as one user gets a different file, he has an alert and the compromised package for later analysis.

Like I said, if you assume your adversary is the US government then they might as well start issuing rogue TLS certs to target individuals.