[guardian-dev] making Debian's software updates more private

Hans-Christoph Steiner hans at guardianproject.info
Tue Jul 8 12:46:16 EDT 2014


A few of us have been trying to figure out how to improve Debian's software
distribution so that the software that people are using remains more private
and difficult to snoop on a mass scale.

You can follow the discussions here:
* https://bugs.debian.org/750522
* https://lists.debian.org/debian-security/2014/07/msg00002.html
* https://lists.debian.org/debian-security/2014/07/msg00022.html

I'm trying to practice what I preach here, so I set up my very first debian
mirror.  It is hosted on my home connection, so be gentle.  It is only
debian-security for amd64 and i386:

deb http://dju2peblv7upfz3q.onion/debian-security/ wheezy/updates main

or

deb http://dju2peblv7upfz3q.onion/debian-security/ squeeze/updates main

This is a test repo, so be sure to keep a real debian-security mirror in your
sources.list!  Just put it after the above line, and apt-get will prefer the
tor hidden service, but still get the latest updates available from
debian-security.

.hc

-- 
PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 969 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140708/09e53ac0/attachment.sig>


More information about the Guardian-dev mailing list