alt Hacker NewsThe official announcement is very sparse on details. If the developer doesn't know how his digital signature (and update infrastructure?) was compromised, how does switching to a new signature help? It could get compromised in the exact same way.
The official announcement is very sparse on details. If the developer doesn't know how his digital signature (and update infrastructure?) was compromised, how does switching to a new signature help? It could get compromised in the exact same way.
The article linked here brings some more details, but also, the official statement doesn't use the word "compromised". If it did, well it would be a statement with different meaning than the one that was released for us to read.