Re: mildly ironic issue with Microsoft anti-spam download

[Valdis.Kletnieks () vt edu]

On Mon, 30 Oct 2006 01:08:15 PST, Aryeh Goretsky said:
> Hello,
>
> Microsoft has a new plugin available for reporting spam to Microsoft directly
> from within Outlook.  More information, plus download instructions at:
>
>    <http://www.microsoft.com/downloads/details.aspx?FamilyID=53541292-ce94-4c
5b-9127-b7d56f11b619&DisplayLang=en>
> What's strange is that the .MSI file is not signed.
>
> It is mildly ironic that Microsoft didn't place the file in an AuthentiCode
> wrapper.  I would think that a tool designed to improve user security would
> have this.

Yeah well, they had to cut a few corners to make the ship date - after all,
they only have 2 months left to solve the spam problem like Bill Gates
promised. :)

More seriously though - does it really *matter*?  Consider the class of
users that will report spam directly to MS - they wouldn't understand if
it was signed, or what the benefits are.  Conversely, the people who
understand what AuthentiCode is almost certainly already have procedures
in place.

"Wow, I'm so clued I know what Authenticode is. Gee, I'd report all this
spam if somebody gave me a big shiny button  I'm too lame to do myself...."  :)

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.