My specific point was made in context of maven central repository. It gives a false sense of security when you have to have a signed pgp key but no challange for trust.
Mh i thought your answer is ridiculous. Why would someone enforce/use a pgp signature with public key servers without a proper challenge? I know it from my visited 'network of trust' but apparently there is no real…
Putting it out there as an idea, might inspire others and might help. Machine Learning is the most closest thing we have, as far as i know.
So what does this really help? Do i get now a higher liablility because the alert alerted me and i now need to be aware of it? so i'm going on holiday and i'm fucked? You know, a billig alert is a nice thing, its not…
I have said it over and over and will repeat it happily: IF your Services doesn't has a proper limit, you do make yourself suddenly liable to a much higher risk than before and you have to be aware of this. It is the…
My specific point was made in context of maven central repository. It gives a false sense of security when you have to have a signed pgp key but no challange for trust.
Mh i thought your answer is ridiculous. Why would someone enforce/use a pgp signature with public key servers without a proper challenge? I know it from my visited 'network of trust' but apparently there is no real…
Putting it out there as an idea, might inspire others and might help. Machine Learning is the most closest thing we have, as far as i know.
So what does this really help? Do i get now a higher liablility because the alert alerted me and i now need to be aware of it? so i'm going on holiday and i'm fucked? You know, a billig alert is a nice thing, its not…
I have said it over and over and will repeat it happily: IF your Services doesn't has a proper limit, you do make yourself suddenly liable to a much higher risk than before and you have to be aware of this. It is the…