On Fri, 11 Jul 2008, bryanm@acsalaska.net wrote:
> I haven't RTFA, but the comments on slashdot point out that when
> you become aware of updates and conscientiously give the update
> command, you're advertising that the computer at your IP address
> is running a vulnerable package. If you request the update from
> a malicious mirror, it can target your IP and have a rootkit
> installed before you have a chance to update the package.
>
> Now THAT's scary.
Great point. Another reason why I maintain my own packages.
--Arthur Corliss
Live Free or Die
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Fri Jul 11 22:50:55 2008
This archive was generated by hypermail 2.1.8 : Fri Jul 11 2008 - 22:50:55 AKDT