#vim - Sat 7 Apr 2007 between 00:12 and 00:46

NY Lost Funds



cp1134is there anything in particular you have to do to have a recodring apply to a visually selected region?
day_sleeperHi!
yurikshey
day_sleeperAre there any cryptographic signatures for the windows installer or the source code?
Or downloads with ssl?
calmarday_sleeper: cvn or what vim uses, it not sure enough?
(cvs)
day_sleepercalmar: Sorry, I don't understand what you mean. :)
calmarday_sleeper: you want to make sure, you download from a 'secure' place?
(getting the 'original' or so?)
day_sleepercalmar: Yes, exactly. You know (maybe) there are some discussion about the "Bundestrojaner" here in germany. Some politivans want to change law so they can force the ISPs to inject arbitrary code in downloads and suchs things.
And I'm quite sure however they want to do it, it can also be exployted.
It would be nice if there were some signatures or signed md5/sha1 files like e. g. it is be done with firefox.
yuriksday_sleeper: wow that sucks
day_sleeper: be sure to make a bunch of China and Internet related posters and put them around the city
day_sleeperYeah luckily there are demos and such against this. Some other politicans also say, the others seem mentally disordered. :)
yurikshaha
calmarday_sleeper: from what I understand, only some developers can produce and upload those binaries < protected with a password so.
day_sleeperBut independant of that discussion, "normal" man-in-the-middle attacks are possible w/o signed checksums or suchs.
yuriksindeed
but then I just think "who the fuck would bother with me?" and go on =]
calmarday_sleeper: well, when you're really interested, may post your concerning also at the vim mailing list. there you might get quite some answers..
day_sleeperI searched the mailinglist a bit if Bram sends out checksome or something in his announcements, but he doesn't it seems.
calmar: Yeah, I should do that it seems.
yuriksday_sleeper: they could just alter the checksum too you know
calmarwhen you ask there, he might reply you why etc. yeah. you may should
day_sleeperyuriks: Yes, when they are not signed. If signed the probabilty it is forged is arbitrary small.
calmari guess it would have get signed with gpg or so. that would be quite save.
but i'm sure they will tell you some reasons...
day_sleepercalmar: What is signed?
calmaror will do it in the future
day_sleeperMaybe there was just not enough awareness of this?
calmarwho knows. maybe
I would guess, they thought about that already so.
md5sum is good for checking if the download is ok, not much more.
Eucalsay, how do I say "find 'string' in file, but don't search comment lines" ?
calmar[^#].*string or similar
day_sleeperEucal: Tune your regex so will be no comment seperator before the string?
^[^#].*string
It's important that is it anchored at the beginning then.

Page: 2 9 16 

IrcArchive

NY Lost Funds