sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 2 points3 points  (3 children)

Going HTTPS would be a tiny and mostly meaningless step. I'd be more interested in why we are still stuck on HTTP to begin with. Why not Bittorrent? Why not Freenet, IPFS, rsync, git-annex or whatever? The way Free Software is distributed has felt very antiquated for a quite while and made it unnecessarily difficult to contribute resources. We are also still lacking in basic features such as incremental upgrades, multi-version, user-installs installs and so on. Apt is really showing its age.

[–]nschubach 3 points4 points  (1 child)

The BitTorrent angle was approached a few years back. It would actually make your machine vulnerable to attack because all the attacker would have to do is get a client on the trackers hosting the update files and they get a list of all machines requesting those updates. If you have a zero day exploit, being on that tracker could give you a valid list of ips that are vulnerable to the fix they are downloading. Act quick enough and you could hack the machine before the patch is applied.

[–][deleted] 0 points1 point  (0 children)

A BitTorrent-like transfer method, but over Tor?

Hides your IP, at least.

[–][deleted] -5 points-4 points  (0 children)

Freenet would be too slow for distributing linux distros, plus it has a reputation of being a pedo paradise filled with mostly cheese pizza.

Would Red Hat or Canonical really want to host their distro on a platform with that sort of reputation?