On Tue, Oct 3, 2017 at 11:05 AM, Georgi Guninski wrote:

Is there a relatively safe way of installing from source on linux? IIRC there was an online database of hashes of the more popular stuff.

Closest thing to an observatory are the hashes in the package systems of all the various BSD / Linux OS worldwide. If their own downloads of the source are being trojaned or infiltrated, then shit's getting real. A second coming of PKI PGP WoT and signed repos like Monotone.ca will be widely rolled out amongst everyone to try to defeat it, but the enemy could prove difficult. The political source of the attack is what needs defeated.

On Tue, Oct 03, 2017 at 03:17:34PM -0300, Juan wrote:

On Tue, 3 Oct 2017 13:43:19 -0400 grarpamp wrote:

...

The political source of the attack is what needs defeated.

exactly right

In the shoes of the slippery slope wedge in the edge of the door, slow boiled frog chefs, the aim of the game of enslavement is always "just enough enslavement that not ‘too many’ people can be bothered to object". A 9/11 here, a statute there, and BAM, ‘on the books’ all our rights no longer exist. A prison breakout event which actually shifts the game in the other direction is the real challenge here.