Date: Tue, 17 Mar 2015 07:37:50 -0700
From: Henry Baker <hbaker1 () pipeline com>
Subject: Kali Linux security is a joke!
FYI -- Your best chance to hack the hackers...
"Downloading Kali Linux"
"Alert! Always make certain you are downloading Kali Linux from official
sources, as well as verifying md5sums against official values. It would
be easy for a malicious entity to modify a Kali install to contain
malicious code, and host it unofficially."
http://docs.kali.org/category/introduction
---
No kidding!
So how come whenever you do apt-get install in Kali Linux, it accesses
http://security.kali.org and http://http.kali.org ??
Hasn't Kali heard about MITM attacks against http ??
What's the point of verifying md5 sums against "official values", if Kali
can't even get the "official values" securely ??