search

OpenBazaar / openbazaar-desktop

OpenBazaar 2.0 Desktop Client (talks to openbazaar-go server daemon)
MIT License
647 stars 186 forks source link

Add signature to Openbazaar.deb #1895

Open TNTBOMBOM opened 4 years ago

TNTBOMBOM commented 4 years ago

Brief Description: Signing the software is very important to make sure that the package user has is authenticated from the same developers and not being manipulated/replaced from outsiders.

More info: https://www.qubes-os.org/security/verifying-signatures/

damascene commented 4 years ago

There are a lot of bugs about this issue but OpenBazaar isn't adding it. Maybe there is a good reason for that. https://github.com/OpenBazaar/openbazaar-desktop/issues/868 also this #1737 and #1789

Lew-Rockwell-Fan commented 3 years ago

There is no good reason to not provide gpg-signed hashes in 2021. Especially of software that will deal with money.

TNTBOMBOM commented 3 years ago

This is done by people who know why it is useful in all time like devs, Not by people who doesn't understand shit about security newbies like you.

Lew-Rockwell-Fan:

There is no good reason to not provide gpg-signed hashes in 2021. Especially of software that will deal with money.

Lew-Rockwell-Fan commented 3 years ago

This is done by people who know why it is useful in all time like devs, Not by people who doesn't understand shit about security newbies like you. Lew-Rockwell-Fan:

Learn English. Read the post slowly. Get an adult to help you with the big words and difficult concepts like "no" and "not".