funsec mailing list archives
Re: mildly ironic issue with Microsoft anti-spam download
From: Valdis.Kletnieks () vt edu
Date: Mon, 30 Oct 2006 22:28:16 -0500
On Mon, 30 Oct 2006 01:08:15 PST, Aryeh Goretsky said:
Hello, Microsoft has a new plugin available for reporting spam to Microsoft directly from within Outlook. More information, plus download instructions at: <http://www.microsoft.com/downloads/details.aspx?FamilyID=53541292-ce94-4c
5b-9127-b7d56f11b619&DisplayLang=en>
What's strange is that the .MSI file is not signed. It is mildly ironic that Microsoft didn't place the file in an AuthentiCode wrapper. I would think that a tool designed to improve user security would have this.
Yeah well, they had to cut a few corners to make the ship date - after all, they only have 2 months left to solve the spam problem like Bill Gates promised. :) More seriously though - does it really *matter*? Consider the class of users that will report spam directly to MS - they wouldn't understand if it was signed, or what the benefits are. Conversely, the people who understand what AuthentiCode is almost certainly already have procedures in place. "Wow, I'm so clued I know what Authenticode is. Gee, I'd report all this spam if somebody gave me a big shiny button I'm too lame to do myself...." :)
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- mildly ironic issue with Microsoft anti-spam download Aryeh Goretsky (Oct 30)
- Re: mildly ironic issue with Microsoft anti-spam download Valdis . Kletnieks (Oct 30)
- Re: mildly ironic issue with Microsoft anti-spam download Aryeh Goretsky (Oct 30)
- <Possible follow-ups>
- Re: mildly ironic issue with Microsoft anti-spam download Fergie (Oct 30)
- Re: mildly ironic issue with Microsoft anti-spam download Valdis . Kletnieks (Oct 30)