Y
Hacker News
new
|
ask
|
show
|
jobs
by
kwk1
247 days ago
If you're using a Debian derivative these keys should be in packages distributed with your distro with trust coming from that
1 comments
SAI_Peregrinus
246 days ago
Since the distro's site was compromised you also have to check that any keys it distributes haven't changed. And that the compromise wasn't done by a legitimate maintainer.
link
kwk1
246 days ago
The packages in question don't come from the distro's homepage.
link