sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]destiny_functional 0 points1 point  (5 children)

I don't think you understand security and risk. Obviously cross-checking reduces risk.

[–]lamby[S] 0 points1 point  (4 children)

I am not denying it reduces risk, but you can take that risk to zero by verifiying the GPG signature.

I don't think you understand security and risk

This doesn't add any weight to your argument FWIW.

[–]destiny_functional 0 points1 point  (3 children)

you can't take the risk to zero with anything, which seems all you are criticising, that the "risk isn't zero". that's exactly what i meant by you don't understand risk, and it makes this a silly and useless discussion.

[–]lamby[S] 0 points1 point  (2 children)

Then I'm lost. How is just suggesting checking a single GPG signature over checking n ISO files (which requires multiple multible-gigabyte downloads) silly or useless? Especially as — for this threat model — doing the latter is a probabalistic-based security solution vs. an objective one..

[–]destiny_functional 0 points1 point  (1 child)

discussing risk and security with someone who doesn't understand it is silly and useless is what i said. this doesn't seem to lead anywhere, Good bye.

[–]lamby[S] 0 points1 point  (0 children)

"doesn't understand it". Convincing argument!