Dailydave mailing list archives

Re: NSRL status check

From: Joanna Rutkowska <joanna () invisiblethings org>
Date: Wed, 13 Dec 2006 01:25:50 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gadi Evron wrote:

Yes, I know that all the paranoid people would say: "software vendors
can not be trusted!". But that's actually what it is - a paranoia ;) And
it's better to trust software vendors that your A/V vendors ;) Sorry to
all A/V vendors - it's nothing personal - I just don't believe in
blacklisting :/

Many of them already do. And it's often the AV vendors who sign their
binaires.


How can they do that if most of the applications are not signed today?
Also, I'm not talking about prevention, I'm talking about verification.
Please do note the difference.

joanna.
-----BEGIN PGP SIGNATURE-----

iD8DBQFFf0iNORdkotfEW84RAlAPAJ45M204/eg9yDjFitNvkRwa2nhchQCfU38h
hQrzidKFH9ZbAuafUDa0yRw=
=S6+d
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

NSRL status check dan (Dec 11)
- Re: NSRL status check Gadi Evron (Dec 12)
- Re: NSRL status check Joanna Rutkowska (Dec 12)
  - Re: NSRL status check Kevin Stadmeyer (Dec 12)
- <Possible follow-ups>
- Re: NSRL status check Holt Sorenson (Dec 12)
  - Re: NSRL status check Lance Spitzner (Dec 12)
- Re: NSRL status check Joanna Rutkowska (Dec 12)