Singapore Government Hackers Love to Hack Teo En Ming's Computers, Smartphones, and Internet Online Accounts

Teo En Ming teo.en.ming at gmail.com
Tue Aug 11 11:59:27 UTC 2015 

On Sun, Aug 9, 2015 at 5:43 PM,  <silver.bullet at zoho.com> wrote:
> On Sun, 09 Aug 2015 11:22:37 +0200, Oliver Grawert wrote:
>>* do not use third party repositories like PPAs (unless you can and
>>want to inspect the source code in there before using the binaries)
>
> This depends to the trustworthiness. You might trust the Ubuntu
> maintainers and you might trust a PPA maintainer. Assumed you trust
> those people, than you still need trusted keys.
>
> I already posted it two times:
>
> https://help.ubuntu.com/community/VerifyIsoHowto
>
>   "$ gpg --verify MD5SUMS.gpg MD5SUMS
>   gpg: Signature made 2014-07-25T01:53:21 CEST using DSA key ID FBB75451
>   gpg: Good signature from "Ubuntu CD Image Automatic Signing Key
>   <cdimage at ubuntu.com>" gpg: WARNING: This key is not certified with a
>   trusted signature! gpg:          There is no indication that the
>   signature belongs to the owner. Primary key fingerprint: C598 6B4F
>   1257 FFA8 6632  CBA7 4618 1433 FBB7 5451
>
>   In this example a "Good signature" validates the integrity of the
>   given file. The warning message indicates your current GnuPG trust
>   database does not have trust information for that signing key, unless
>   you have actually verified and signed one of the public keys
>   belonging to signers of the Ubuntu CD Image signing key."
>
> Resume:
>
> If you already downloaded the ISO by a button to download the ISO only,
> without downloading the signed checksum and the public key and without
> having a trusted source to ensure that the owner of the key is really
> the person you trust, all your hints are null and void.
>
> Btw. a few PPA maintainers for my taste seem to be more trustworthy
> than the owner of Canonical. And again, this is just my taste, who ever
> we trust, we still need to ensure that we have the correct public keys.

Well, I don't understand the web of trust. Guess I need to read more at
http://www.gnupg.org/gph/en/manual.html#AEN554

Yours sincerely,

Subtle Denial of Medical Treatment by the Singapore Government for Mr.
Teo En Ming (Zhang Enming)
Link: https://www.scribd.com/doc/258700156/Subtle-Denial-of-Medical-Treatment-by-the-Singapore-Government-for-Mr-Teo-En-Ming-Zhang-Enming

More information about the ubuntu-users mailing list