Hacker News new | past | comments | ask | show | jobs | submit login

If it was found. Which is the point.

Debian, which is much better known and in much wider circulation than Tails generated weak SSH keys for two years. Yes, it was indeed very big news. When it was found. After two years.

Oh, and tin-foil-hat on: Do we know (actually know-know, not just assume, think, trust) that the weakness wasn't planted there?




TAILS is actually now done by the Tor Project, so I think they have a vested interest in vetting it before it is released.

https://www.torproject.org/projects/projects/


And Debian doesn't have a vested interest in making sure a central security component isn't weakened?

Also, how do you know that Tor and Tails aren't infiltrated by the enemy (for any value of "enemy")?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: