nanog mailing list archives
RE: M$ CD patches
From: Sean Donelan <sean () donelan com>
Date: Sat, 21 Feb 2004 17:44:46 -0500 (EST)
On Sat, 21 Feb 2004, Michel Py wrote:
I wonder how many will install worms and viruses from a CD that they got not from Microsoft but from phishing schemes that will inevitably pop up around it.....
As far as I know, Microsoft is currently mailing the CDs to only consumers that request the patches. In the future you may be able to obtain patches through other distribution channels, e.g. your ISP or consumer electronics chain or original equipment manufacturer. Regardless of the distribution method, geniune Microsoft patches are always cryptographically signed by Microsoft. Whether consumers can figure out how to check the signature is a different question. Perhaps more significant is Mail Fraud is a well tested law, which has trained, sworn law enforcement active the United States Postal Inspection Service. Unlike ISP abuse departments, the USPIS has badges, carries guns and the legal authority to arrest people. If you receive a counterfeit CD in the mail, I expect both Microsoft and the US Postal Inspection Service would be very interested.
Current thread:
- M$ CD patches David Lesher (Feb 21)
- <Possible follow-ups>
- RE: M$ CD patches Michel Py (Feb 21)
- RE: M$ CD patches Sean Donelan (Feb 21)
- Re: M$ CD patches David Lesher (Feb 21)
- Re: M$ CD patches Sean Donelan (Feb 21)
- RE: M$ CD patches Sean Donelan (Feb 21)
- RE: M$ CD patches Michel Py (Feb 21)