(I re-sending this because I was mention it incorrectly first time. Every one usually read first post and leave the rest of the thread, if don’t like it. So i preferred to post it as new Topic instead of end of that thread)
This technique is for avoiding Ubuntu cooperation with governments that there is less chance of independent security firms in their countries.
I suggest adding an option that user can verifies updates and packages checksum through a proxy or VPN, that previously installed or are installing
Notes:
- This verification system should be unchangeable by updates, so it can checks previously installed updates that downloaded through a method that has revealed user’s country to Ubuntu (for example by a betraying VPN)
- Downloading whole file through proxies (Tor for example). will cause problems like potential activist targeting
- About installation media, the user itself manually can check its checksum using above method.