Re: idea

[Mike Preston <mike () technomonk com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

silky wrote:

> I guess a trivial solution is just a bittorrent with relevant files in
> it. If AV companies issued updates out over BT as well, that would be
> nice. They could have a process of signing each update (do they
> already?) so that they're validated.
>
> Pretty trivial.

But there is nothing to stop the tracker being blocked and to my
knowledge the current Azureus DHT protocol requires a tracker to be
present in the first place to allow peers to find each other to
bootstrap the protocol.

The second problem, is that you are talking about opening up the
computer while *downloading* security software to an untrusted network.

Perhaps a decent option is to just build a rescue mode into the
computers and use that to download updated defs and then install them on
the main install. The rescue mode could be hardened with minimal drivers
and firewalled up the yangtse. Splashtop springs to mind, although this
doesn't seem to have this capability on current implementations...

As I said before, its not trivial but its solvable.

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkldbpwACgkQvhwPecbXDdz3ZQCfVqMTbntYH1BTp768eBCbRLct
OeYAoIys5WDDvSo3r9XSW7YwZPCTaicV
=waS0
-----END PGP SIGNATURE-----

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.