No way to verify OS download.
Asked by
Austin
Your website does not support SSL. You don't provide SHA2 sums of the ISO file. You don't sign your releases with a developer signing key. It's 2015. Are you seriously encouraging users to download their operating system over http and hope for the best? This is inexcusable. You are making yourself a potential vector for malware by not taking these basic steps. My sister's blog has SSL. You're developing an operating system. WTF.
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Austin for more information if necessary.
To post a message you must log in.