You're right. I forgot entirely about package signing. I believe an effective compromise would require gaining access to Canonical's private key that is used to sign the packages. There was an...
Type: Posts; User: SeijiSensei; Keyword(s):
You're right. I forgot entirely about package signing. I believe an effective compromise would require gaining access to Canonical's private key that is used to sign the packages. There was an...
Yes, it's possible but highly unlikely.
If you're worried about this, pick a different repository server. I use one located at a nearby university. There are hundreds of options.