Arch's Dirty Little Not-So-Secret
Feb 28, 2011, 19:03
"A reader of my blog recently made a comment about Arch's lack
of package signing, and this got me looking into the issue more
carefully. What I found has left me deeply concerned with a number
of aspects of Arch.
"Most distributions, even Windows, sign their packages so that
when the computer downloads and installs them, it can check the
signature to make sure the package is authentic – it hasn't
been tampered with on the server, or anywhere between the server
and the local system. This mechanism has been around for many years
and works well – the tools to implement it are available and
simple to use. Yet for some reason I can't understand, Arch Linux
has never had package signing. Arch packages are simple tarballs
– they can be opened, modified, and retarred, and the
updating system has no way to detect this."
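As an added illustration of the check the post says Arch's updater lacks (example code, not from the post and not Arch's or pacman's own code): it builds a package tarball, produces a detached signature at build time, then opens, modifies and retars the package the way the post describes, and shows which checks catch that. The file contents, the shared demo key, and the use of HMAC as a stdlib-only stand-in for GPG's asymmetric signing are assumptions.

```python
import hashlib, hmac, io, tarfile

# Constructed demo key held by the package builder and the verifying client but
# NOT by a mirror operator or anyone between mirror and client. A real distro
# would use an asymmetric key (e.g. GPG) so clients hold only the public half;
# HMAC is used here only to keep the example standard-library-only.
SIGNING_KEY = b"constructed-demo-key-not-for-real-use"

def build_package(files: dict[str, bytes]) -> bytes:
    """Pack {path: contents} into a plain uncompressed tarball."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def sign_package(pkg: bytes, key: bytes = SIGNING_KEY) -> bytes:
    """Detached signature over the package bytes, made at build time."""
    return hmac.new(key, pkg, hashlib.sha256).digest()

def verify_package(pkg: bytes, sig: bytes, key: bytes = SIGNING_KEY) -> bool:
    """What a signing-aware updater checks before installing."""
    return hmac.compare_digest(sign_package(pkg, key), sig)

def checksum_only_verify(pkg: bytes, published_sha256: str) -> bool:
    """A checksum served from the same mirror as the package: no key involved."""
    return hashlib.sha256(pkg).hexdigest() == published_sha256

def retar_with_change(pkg: bytes, path: str, new_data: bytes) -> bytes:
    """Open the tarball, replace one file, retar it: the edit the post warns about."""
    files = {}
    with tarfile.open(fileobj=io.BytesIO(pkg), mode="r") as tar:
        for m in tar.getmembers():
            files[m.name] = tar.extractfile(m).read()
    files[path] = new_data
    return build_package(files)

def demo() -> tuple[bool, bool, bool]:
    """Returns (signed original ok, signed tampered ok, mirror checksum of tampered ok)."""
    original = build_package({"usr/bin/tool": b"#!/bin/sh\necho ok\n"})
    sig = sign_package(original)
    tampered = retar_with_change(original, "usr/bin/tool", b"#!/bin/sh\necho modified\n")
    # A checksum hosted on the same compromised mirror is simply republished
    # to match the modified tarball, so it detects nothing.
    mirror_sum = hashlib.sha256(tampered).hexdigest()
    return (verify_package(original, sig),
            verify_package(tampered, sig),
            checksum_only_verify(tampered, mirror_sum))
```

The signature check rejects the retarred package while the mirror-served checksum accepts it, which is why signing with a key the mirror never holds is the mechanism the post asks for.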