1. 14
  1.  

  2. -8

    This is a joke right? “verification” by sig checking? didn’t they (openbsd) write a fucking tool (signify) to make them not do this stupid shit any more? I guess we can’t remember what happened all of 4 years ago when it comes to people’s actual security. Really underscores the trend of bsd mania being really disinterested in actual user security.

    1. 8

      They use signify?: “Verify SHA256.sig using unprivileged signify(1)” - slide 11 of linked PDF.

      source: https://github.com/openbsd/src/blob/7f3597a0e5ea0b10e5130afef0c253a58e676224/usr.sbin/syspatch/syspatch.sh#L168

      1. 7

        Feel free to make your point. But please don’t be an angry/aggressive asshole in how you say it. We are all people here.

        1. 4

          How would you do verification?

          1. 2

            what are some other examples of this “trend” you mention?

            1. 2

              This is a joke right? “verification” by sig checking? didn’t they (openbsd) write a fucking tool (signify)

              What exactly do you think signify does? hint, it’s in the ‘sig’ part of the name.

              1. 5

                Actually, this particular operation is in the ify part of the name. :)

                1. 1

                  ifysign has a nice ring to it too ;)