Author

Topic: please put exe files in github too (Read 211 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
July 04, 2019, 01:00:29 PM
#3
You should share your recommendation at https://github.com/spesmilo/electrum/issues, i doubt there are many contributor (especially one who manage releases) who read your thread in this forum.

On a side note, i agree with bob123's opinion, you only need to make sure you download correct file once (which is public PGP signature used to verify signature of released files)
legendary
Activity: 1624
Merit: 2481
July 04, 2019, 03:20:51 AM
#2
github is far more secure than a private server.

I won't argue whether it really is more secure or not now...

But.. the 'security' doesn't matter because you should always verify the signature of the file anyway.

So even if the server is compromised, even if you download a malicious version.. (which can happen on the website as well as on github, no difference here) you should never install it because the signature check will fail.

Stop trusting a server, verify the files yourself.
copper member
Activity: 236
Merit: 17
July 04, 2019, 01:22:46 AM
#1
I recommend put exe files in both website and gtihub release page (https://github.com/spesmilo/electrum/releases). github is far more secure than a private server.
Jump to: