Slashdot Mirror

← Back to Stories (view on slashdot.org)

Check Who Signed Off On Your Software

Posted by timothy on from the autographs-for-accountability dept.

An anonymous reader submits "The Software Sig Page encourages software maintainers to publish verifiable signatures for released software and to build the web of trust among software maintainers and software users. If you're afraid of downloading a trojaned OpenSSH, being 0wned while capturing packets, compiling an MTA as well as a backdoor on your system, not being able to trust tools you use every day, or never having a chance from the moment your OS boots, then you want some level of assurance that the software you use is everything the mainatainers expected you to have and no more. Look and check the MD5 and PGP signatures that come with software you download."

2 of 25 comments (clear)

  1. Cryptographic signatures... by Anonymous Coward · · Score: -1, Offtopic
    what's the deal w/ cryptographic signatures

    is it cool, or is it whack?

  2. I'm worried about some guy compiling on my face by Anonymous Coward · · Score: -1, Offtopic

    T_T Boyz are so GROSS!!!!!