funsec mailing list archives
Re: idea
From: silky <michaelslists () gmail com>
Date: Fri, 2 Jan 2009 09:59:33 +1100
On Fri, Jan 2, 2009 at 4:22 AM, Mike Preston <mike () technomonk com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Its not that bad an idea... However, you still need to find a way to find the sites in the first place, find out they are who they say they are and then authenticate the downloads. Not impossible, but not trivial either.
I guess a trivial solution is just a bittorrent with relevant files in it. If AV companies issued updates out over BT as well, that would be nice. They could have a process of signing each update (do they already?) so that they're validated. Pretty trivial.
Mike Preston
-- noon silky http://www.boxofgoodfeelings.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: idea Matt Jonkman (Jan 01)