[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [savannah-help-public] 502: Fetching FreeType
|
From: |
Bob Proulx |
|
Subject: |
Re: [savannah-help-public] 502: Fetching FreeType |
|
Date: |
Sun, 19 Aug 2018 15:16:36 -0600 |
|
User-agent: |
Mutt/1.10.1 (2018-07-13) |
address@hidden wrote:
> Jesus Christ ... I'm sorry to hear that! All the best with locking them
> out, no worries, take all the time it takes + thanks for the update!
You know how it goes. It is why we can't have nice things. :-(
> Just a quick question: do you think switching to git:// would help (you
> and/or us)?
If you are using http:// now then switching to git:// would seem to be
equivalent. Should avoid the current brownout problem. Until and
unless the attackers start hitting the git:// side of things too. Or
instead of.
(A lot of people consider both http:// and git:// insecure since they
are not encrypted. But git uses SHA1 hashes through the chain. I
think it would be very hard to change something in a way that isn't
detected.)
At some point in the future probably only encrypted, authenticated,
authorized protocols might be acceptable. Anonymity has challenges.
It's a hostile world out there. (Have you read Lord of the Flies
recently?)
Bob