Alas Poor Erinaceus@lemmy.ml to Privacy@lemmy.mlEnglish · 18 hours agoHow important is it to verify a signature (of say Mullvad Browser)?message-squaremessage-square6fedilinkarrow-up15arrow-down11file-text
arrow-up14arrow-down1message-squareHow important is it to verify a signature (of say Mullvad Browser)?Alas Poor Erinaceus@lemmy.ml to Privacy@lemmy.mlEnglish · 18 hours agomessage-square6fedilinkfile-text
minus-squarecatloaf@lemm.eelinkfedilinkEnglisharrow-up3·14 hours agoRight. The risk is low, but nonzero. You’ll want to make sure that the key you’re validating is provided through another trusted channel, so that an attacker can’t provide a bad download and have you check it against their bad key too.
Right. The risk is low, but nonzero.
You’ll want to make sure that the key you’re validating is provided through another trusted channel, so that an attacker can’t provide a bad download and have you check it against their bad key too.