[Popcon-developers] Bug#880121: Bug#880121: popularity-contest: popcon-upload should be made to POST over https
Mateusz Jończyk
mat.jonczyk at o2.pl
Thu Jan 4 10:26:49 UTC 2018
W dniu 04.01.2018 o 11:18, Bill Allombert pisze:
> On Thu, Jan 04, 2018 at 10:54:42AM +0100, Mateusz Jończyk wrote:
>> Hello,
>> It is known that NSA was using error messages from Windows to check which
>> software is installed on user computers and which software they can hack[1].
>>
>> So uploading a list of installed software over plaintext is dangerous.
>
> The list is not in plaintext. It is encrypted with GnuPG before being sent
>
> Cheers,
>
I'm sorry, but I have reviewed the source code and didn't find any place where
it is encrypted with GPG.
I have been browsing version 1.65 from buster.
Greetings,
Mateusz Jończyk
More information about the Popcon-developers
mailing list