Re: [dev] suckless compromised?

From: fao_ <>
Date: Sun, 03 Sep 2017 00:56:24 +0100

How do we know that *you* are you? You have never provided any
or signage to confirm it. For all we know you are the imposter.

That said, it is troubling, I agree.

- fao_
PGP fingerprint: 739B 6C5C 3DE1 33FA
"Too enough is always not much!"
On 2017-09-01 12:14 pm, hiro wrote:
> On the website i just found the following information (not distributed
> via mailing list either):
> "The project is now hosted on a new server. All inactive
> accounts have been removed during the relocation.
> Please note that the new ECDSA key fingerprint is
> SHA256:7DBXcYScmsxbv7rMJUJoJsY5peOrngD4QagiXX6MiQU."
> In addition there are now TLS certificates, I guess to create more
> trust in people.
> But, is Anselm even still alive? Why should I trust suckless hasn't
> been taken over by these new guys on the mailing list? Where is the
> proof here?
> Why is the domain on Anselm's name, but all these certificate work
> comes from random dudes like these Laslos and Hiltjos?
> I'm hereby distancing myself from suckless as my former level of trust
> has been broken by all the late events.
> There was one brighter mind who finally joined us, but now it's too 
> late.
> I hope this mail reaches anyone and isn't filtered by some imposter.
> Good bye.
> hiro
Received on Sun Sep 03 2017 - 01:56:24 CEST

This archive was generated by hypermail 2.3.0 : Sun Sep 03 2017 - 02:00:25 CEST