When you have to publicly release software like we do with NetEye every two months, it’s fundamental that users can verify that software: in our case that the RPMs that we build come from us and not from someone who pretends to be us, that they have not been tampered with, and that they do…
Read MoreWhy it’s important to use signed packages RPM signing is an often underestimated feature: you use official repositories, why shouldn’t you trust them? Those repositories are also probably protected with TLS encryption, so you feel safe against man-in-the-middle attacks. But you may not be as safe as you think you are. Have you heard about that time when the repository…
Read MoreWhen installing our favorite Linux distribution, the first thing we do is download the official installation image, an ISO file, from the distribution website or a third party site. Imagine for example that CentOS has just released a new version, and we are eager to give this new version a try by performing a fresh…
Read More