Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Gotta love Robert's sarcasm.. but he's right.
Comments
Anonymous
July 29, 2008
And you should blame Microsoft to not open auto-updates to other products than Microsoft ones. Why isn't Winzip (I do not speak about competing products like OpenOffice) allowed to use a secure and robust update mechanism instead of using a home made one ? Responsibility is not an answer; we are used to click on disclaimers when installing stuff, aren't we. One more disclaimer to accept an update from an "untrusted" (read non MS) source wouldn't be a problem.Anonymous
July 30, 2008
And you should blame Microsoft to not open auto-updates to other products than Microsoft ones. Why isn't Winzip (I do not speak about competing products like OpenOffice) allowed to use a secure and robust update mechanism instead of using a home made one ? Responsibility is not an answer; we are used to click on disclaimers when installing stuff, aren't we. One more disclaimer to accept an update from an "untrusted" (read non MS) source wouldn't be a problem.Anonymous
August 09, 2008
Hmm. Robert may be correct, but digital signatures by themselves do not make a secure update mechanism, unless there is a time-bound sensitivity associated with the signatures (and it would have to be a very finite amount of time at that). Read more <a href="http://securology.blogspot.com/2008/08/package-managers.html">here</a>.