|
|
|
|
|
|
by jy-p
4898 days ago
|
|
|
it is conceivable that such a system could work but it would have to rely on some kind of authenticity check on the binary/script that runs. when "crossing your t's and dotting your i's" it is usually best to use an out-of-band method to check signatures, e.g. download binary installer, check gpg signature or calling them on the phone to verify fingerprints. even so, this cannot stop a MITM unless you do the key exchange in person, e.g. meet the software creator and exchange gpg pubkeys on the spot. |
|
|