You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Authenticity of all downloaded files should be verified using cryptographic hash fingerprints.
Nowadays there are whole countries that require country-wide SSL certificate to be installed, for example Kazakhstan. This allows them to seamlessly substitute any downloaded file. The client has the responsibility to check all downloads.
Kazakhstan can easily hack users' computers by substituting the file like pmgen.py.
In this particular case, why don't you just save this file into the repository? Why download it?
The text was updated successfully, but these errors were encountered:
here
Authenticity of all downloaded files should be verified using cryptographic hash fingerprints.
Nowadays there are whole countries that require country-wide SSL certificate to be installed, for example Kazakhstan. This allows them to seamlessly substitute any downloaded file. The client has the responsibility to check all downloads.
Kazakhstan can easily hack users' computers by substituting the file like pmgen.py.
In this particular case, why don't you just save this file into the repository? Why download it?
The text was updated successfully, but these errors were encountered: