MITM attacks against portsnap and freebsd-update

Alnis Morics alnis.morics at
Tue May 20 07:32:55 UTC 2014

On 05/20/2014 09:51, n j wrote:
> On Tue, May 20, 2014 at 12:03 AM, David Noel <david.i.noel at> wrote:
>> On 5/19/14, Alnis Morics <alnis.morics at> wrote:
>>> On 05/19/2014 23:28, David Noel wrote:
>>>> I also think it would be an appropriate time to discuss retiring
>>>> portsnap.
>>> Subversion checkouts and updates take much more time than Porstnap.
>> My experience has been that both portsnap and svn update typically
>> take under a minute to complete.
>> Regardless, don't most people run this in the background with portsnap
>> cron?
> I don't. And I don't regularly update the ports tree.
> When you regularly update ports tree, the diffs svn update needs to pull
> are relatively small. When you update, say, once a month, portsnap in my
> experience gets the job done a lot quicker.
> My $.02,
Exactly. And "svn checkout" is incomparably slower than "portsnap fetch 


More information about the freebsd-questions mailing list