Thread
:
[GENERAL NOTICE] Service Downtime
View Single Post
MartinK
2013-01-30 , 19:26
Posts: 1,548 | Thanked: 7,510 times | Joined on Apr 2010 @ Czech Republic
#
147
I remember similar distributed repository discussion in some desktop distro (Ubuntu/Debian ?). A good point was made that you are actually indirectly telling the swarm that you have outdated libraries. An attacker just needs to wait for an update for a remote exploit to come down & all the swarm participants that are requesting it before they manage to install it. So this would have to be addressed somehow.
Still, a trusted central repository just doesn't have this issue.
__________________
modRana
: a flexible GPS navigation system
Mieru
: a flexible manga and comic book reader
Universal Components
- a solution for native looking yet component set independent QML appliactions (QtQuick Controls 2 & Silica supported as backends)
The Following 6 Users Say Thank You to MartinK For This Useful Post:
anthonie
,
brkn
,
Ilmanowar
,
joerg_rw
,
PWN900
,
qwazix
MartinK
View Public Profile
Send a private message to MartinK
Find all posts by MartinK