Ubuntu security is still based on Debian-Developers' complacency. A DD can check the image integrity because he visited a Debian keysigning party and has the GPG web of trust to know the image signing keys are good. That's why it's okay to have instructions and validation text in an insecure scheme. You're a DD.
If you aren't a DD, fuck off. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1359836 Title: Ubuntu ISOs downloaded insecurely, over HTTP rather than HTTPS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1359836/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
