this post was submitted on 24 Apr 2024
11 points (100.0% liked)
(safe) Unsecure security
163 readers
2 users here now
(un) Security - Who will guard the guards?
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
FWIW, updates going over HTTP isn't necessarily a problem. Many Linux distros do this too, mostly as a byproduct of the days when HTTPS was expensive. The packages go over http, but they're all signed by the distro's key and validated before they get extracted.
The problem here is they didn't have any way to authenticate the updates before applying them. A good HTTPS infrastructure will mitigate that (an attacker would have to be able to forge an HTTPS certificate), but it's good to sign the updates with a key that's better protected than your HTTPS one anyway.