Every time if people going to a web site and download installation image or update their operation system most of Linux users don’t thing about information security. Linux is more secure than OS X and Windows by design, but absolute security is a myth. Yes, some people can store their data high in the Himalayas, but not all can do it. Few of the most popular providers have the big security teams and many users live in countries with censorship like China, Syria, North Korea, Russia, Cuba.
So, can I be sure that web site of my lovely Linux Distribution is real and hackers doesn’t replace it with infected software? Can I get a backdoor in my operating system from installed updates? No, but only with these conditions: