Comment 1 for bug 1810463

The raspbian and raspberry pi foundation repositories are available over https

Raspbian repository at

https://archive.raspbian.org/raspbian/

Raspberry pi foundation repository at

https://archive.raspberrypi.org/debian/

On 04/01/19 02:08, Patrick Pelletier wrote:
> Public bug reported:
>
> I volunteer at a local library and was helping a student install some
> packages on his Raspberry Pi. We were unable to install any packages,
> because we kept getting the error message "Clearsigned file isn't valid,
> got 'NOSPLIT'". I looked it up, and found this thread:
>
> https://www.raspberrypi.org/forums/viewtopic.php?p=1214648
>
> The thread suggests that this error occurs because the network is
> tampering with packets instead of passing them through unaltered. I
> confirmed that hypothesis by turning on the Wi-Fi hotspot on my phone,
> and having the student connect his Raspberry Pi to my hotspot instead of
> the library's Wi-Fi network. When using my hotspot, we were able to
> install packages on his Raspberry Pi with no problem.
>
> Although this problem is the library's "fault" for tampering with
> packets, the reality is that many libraries and schools perform network
> filtering, and this is unlikely to change. (At least in the US; I don't
> know if it is different elsewhere.) Since the Raspberry Pi is
> specifically designed for use in education, it seems like it would be
> good if it could cope with the network reality at schools and libraries.
>
> The thread on the Raspberry Pi forum (linked above) suggests that the
> solution is:
>
> "As for the Raspbian archive issue - as I said initially, it would be a
> good idea to prod the operator of the Raspbian archive to implement a
> secure HTTPS alternative to avoid this kind of issue by allowing use of
> apt-transport-https."
>
> ** Affects: raspbian
> Importance: Undecided
> Status: New
>