May 14, 2015

On using https mirrors

On confidentiality:

So that they don't know what's inside


  1. I guess the goal is to increase the amount that the NSA needs to store. And the Système D here would be to use it as cover traffic and embed your messages within the package pulls. ;-)

  2. It'd be nice to not reveal the installed set of packages on a machine, the number and architectures of machines behind an IP address, and when a new machine is installed, or exactly when individual packages got updated. Proxying APT through Tor works nicely enough for me. But I wonder if things could be any better if the HTTP redirector supported HTTPS (which always redirects to an HTTPS-capable mirror maybe?).