Singapore Government Hackers Love to Hack Teo En Ming's

[Oliver Grawert]

hi,

Am Sonntag, den 09.08.2015, 11:43 +0200 schrieb silver.bullet at zoho.com:

> Btw. a few PPA maintainers for my taste seem to be more trustworthy
> than the owner of Canonical.

In that case you should perhaps consider switching distros ;) 

Canonical has full root access to your install through the package
manager and installer. If you don't feel you can trust your distributor,
you shouldn't pick a binary distro at all in the first place and instead
use LFS or gentoo to compile it from self-audited source I guess ;)

After all you already decided to trust Canonicals expertise with all
your data when you picked to install Ubuntu in the first place. 
After all the build infrastructure that was used to build the PPA
packages of your trusted developer is maintained by Canonical too and I
suppose you trust Canonical to not inject any evil stuff at build time
into the PPA binaries.

Indeed your hints about checking the iso are a pre-requisite to have a
safe system, totally agreed.

I tried to rather refer to behavioural habit when using the installed
system though.

ciao
	oli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 173 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20150809/658c243f/attachment.sig>