© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
7020100
(Get the code!)
Verifying SHA256SUMS without verifying gpg signatures is only useful for detecting corruption, not a malicious attack, with or without https.