Thread: [Alert] PR1.2 install bug - take action now!
View Single Post
itsnotabigtruck is offline itsnotabigtruck
2012-02-21 , 20:45
Posts: 245 | Thanked: 915 times | Joined on Feb 2012
#9
Originally Posted by mikecomputing View Post
Well as already stated I was mistaking his post in a way. But still I think its good to point too only support trusted keys atleastr for normal users.

I guess they could add an option to in rootmode to ask if not trusted.

But personally I am sick and tired of "untrusted" keys both in Linux and on many https:// sites. The more you have to "entyer untrusted" the more you ignore those warnings.

So my point was more like get the damn key/certs etc.. in place...
This isn't the same as SSL certificates - APT security doesn't even use SSL, or certificates. While APT signatures can make things more secure for expert users, this isn't going to provide any benefit to anyone in most cases. Instead, it'll just make it harder to set up repositories distributing additional N9 apps, and confuse users with strange error messages.

Deploying APT signatures also does nothing to protect against malware in any realistic scenario - though since malware follows the money, I highly doubt such programs will ever be a serious threat on Harmattan.

However, in order to have things continue to work smoothly on PR1.2, it's going to be necessary to use APT signatures anyway, so it's time to get started.
Last edited by itsnotabigtruck; 2012-02-21 at 21:28.
 

The Following 2 Users Say Thank You to itsnotabigtruck For This Useful Post: