Open dvn0 opened 6 years ago
The md5 is there for you to test that the file has been downloaded successfully, not for security reasons.
Currently I have no way to improve the infrastructure. Everything you see is either donated, or servers I maintain from my own budget. The build server sits in my house. I am aware that FullPageOS is used by large companies and organisations (see #211 for one of the largest bicycles/e-bicycles production in Europe, and #169 for a large church in the US). And I try and make it available out of good nature. I think that 3 years running it's holding pretty well. However, I am not getting any money to host and maintain this. And at the moment I am the only one that is maintaining this. If someone wants to step in and help with better infrastructure that would be great. But at the moment I am spending my own weekends to keep this project going, with no pay. This one I spent committing https://github.com/guysoft/CustomPiOS/commit/4537a1eb332d8a562e9e5174a340ee172582b94a which gives a new export feature and https://github.com/guysoft/HostSpotOS which is a whole new distro. So thanks for the suggestion. I just can't see how to implement this and have the project running, and I have my own startup to run.
unofficialpi.org does not have working HTTPS, and the only way of verifying the image is by using the md5 located on the same server, also over plaintext. This effectively renders the md5 hash useless, as any man-in-the-middle attack could trivially replace the md5 hash with one that matches a tampered image.
Solutions in order of (what I consider) best to acceptable:
Any of these solutions would improve the ability to verify the authenticity of the images exponentially.
This is a very nice project, and it would be great to see this infrastructural issue improved!
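The difference between the two checks discussed in this thread, as an added example that is not part of the thread or of the FullPageOS project: a digest fetched from the same plaintext server catches a damaged download but not a replaced one, while a digest obtained over a separate authenticated channel catches both. The function names, sample bytes and the pinned SHA-256 value are constructed for illustration.

```python
import hashlib
import hmac


def md5_hex(data: bytes) -> str:
    # MD5 is used here only as the download checksum the server publishes.
    return hashlib.md5(data, usedforsecurity=False).hexdigest()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def same_channel_check(image: bytes, md5_from_server: str) -> bool:
    """Compare the image with the md5 file fetched from the same server."""
    return hmac.compare_digest(md5_hex(image), md5_from_server)


def pinned_check(image: bytes, pinned_sha256: str) -> bool:
    """Compare the image with a digest obtained out of band (assumption:
    it reached the user over an authenticated channel, e.g. HTTPS)."""
    return hmac.compare_digest(sha256_hex(image), pinned_sha256)


# Constructed sample data standing in for image files.
GENUINE = b"constructed genuine image bytes"
CORRUPTED = GENUINE[:-1] + b"\x00"             # damaged during transfer
REPLACED = b"constructed replacement image"    # swapped on the network path


def evaluate() -> dict:
    """Return {case: (same_channel_ok, pinned_ok)} for three downloads."""
    server_md5 = md5_hex(GENUINE)
    pinned = sha256_hex(GENUINE)
    cases = {
        "clean": (GENUINE, server_md5),
        "corrupted": (CORRUPTED, server_md5),
        # Whoever replaces the image in transit also replaces the md5 file,
        # so the md5 the user sees matches the replaced image.
        "replaced": (REPLACED, md5_hex(REPLACED)),
    }
    return {
        name: (same_channel_check(img, md5), pinned_check(img, pinned))
        for name, (img, md5) in cases.items()
    }


if __name__ == "__main__":
    for name, (same_ok, pinned_ok) in evaluate().items():
        print(f"{name:10} same-channel md5: {same_ok!s:5}  pinned sha256: {pinned_ok}")
```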