<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jan 31, 2013 at 12:53 PM, Ketil Malde <span dir="ltr"><<a href="mailto:ketil@malde.org" target="_blank">ketil@malde.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
Ertugrul Söylemez <<a href="mailto:es@ertes.de">es@ertes.de</a>> writes:<br>
<br>
> And that may even be more harmful, because an insecure system with a<br>
> false sense of security is worse than an insecure system alone.<br>
<br>
</div>Yes. As is clear to all, the current low level of security means that<br>
nobody are _actually_ downloading stuff of Hackage, thank God. Hackage<br>
just exists for...well, I forget, but certainly not to distribute<br>
software. Right.<br>
<br>
Sarcasm aside, to some extent, this is true. I used to have a cron job<br>
'cabal install'ing my packages off Hackage to ensure that they would<br>
compile with the current offering of their dependencies. But I decided<br>
it was way too risky, and don't do it anymore.<br>
<div class="im"><br>
> Let's do it properly.<br>
<br>
</div>You mean like how it was decisively dealt with when this was discussed<br>
in 2008?<br>
<br>
<a href="https://github.com/haskell/cabal/issues/207" target="_blank">https://github.com/haskell/cabal/issues/207</a><br>
<br>
Or maybe more the way it was firmly handled when it was brought up again<br>
in 2010?<br>
<br>
<a href="http://www.haskell.org/pipermail/haskell-cafe/2010-December/087050.html" target="_blank">http://www.haskell.org/pipermail/haskell-cafe/2010-December/087050.html</a><br>
<br>
This looks increasingly like that time of year when the problem is<br>
pointed out, the crypto geeks get together to construct the Optimal<br>
Solution, and then everybody lose interest and move on to greener<br>
pastures for a while. Well, I don't think the perfect solution exists, and even if<br>
it could be identified, it might not be implemented, and even if<br>
were implemented, it might not be used.<br>
<br></blockquote><div><br></div><div style>Hehe.. hard to argue against history! :-)</div><div style><br></div><div style>Alexander</div><div style><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
We've just been incredibly lucky that nothing really bad has happened so<br>
far. Let's hope it lasts.<br>
<div class="im HOEnZb"><br>
-k<br>
--<br>
If I haven't seen further, it is by standing in the footprints of giants<br>
<br>
</div><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Haskell-Cafe mailing list<br>
<a href="mailto:Haskell-Cafe@haskell.org">Haskell-Cafe@haskell.org</a><br>
<a href="http://www.haskell.org/mailman/listinfo/haskell-cafe" target="_blank">http://www.haskell.org/mailman/listinfo/haskell-cafe</a><br>
</div></div></blockquote></div><br></div></div>