alt Hacker NewsThis manifest only shows sha checks, which wouldn't help if the manifest is updated during the site compromise. How does it do the signature check?
This manifest only shows sha checks, which wouldn't help if the manifest is updated during the site compromise. How does it do the signature check?
Presumably the manifest is in github and won't auto-update when something on the CPU-Z website changes?