[Tails-dev] tails torrent tracker is http

このメッセージを削除

このメッセージに返信
著者: Sina S
日付:  
To: The Tails public development discussion list
題目: [Tails-dev] tails torrent tracker is http
Hi guys,

I just noticed the tails torrent tracker is using http. Doesn't this leave
users of the tracker vulnerable to man in the middle attacks? Obviously the
user can verify the sig once downloaded but if the torrent has been
attacked then the sig included in the download can't necessarily be trusted
and must be downloaded seperately.