funsec mailing list archives
Re: idea
From: Mike Preston <mike () technomonk com>
Date: Fri, 02 Jan 2009 01:32:12 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 silky wrote:
I guess a trivial solution is just a bittorrent with relevant files in it. If AV companies issued updates out over BT as well, that would be nice. They could have a process of signing each update (do they already?) so that they're validated. Pretty trivial.
But there is nothing to stop the tracker being blocked and to my knowledge the current Azureus DHT protocol requires a tracker to be present in the first place to allow peers to find each other to bootstrap the protocol. The second problem, is that you are talking about opening up the computer while *downloading* security software to an untrusted network. Perhaps a decent option is to just build a rescue mode into the computers and use that to download updated defs and then install them on the main install. The rescue mode could be hardened with minimal drivers and firewalled up the yangtse. Splashtop springs to mind, although this doesn't seem to have this capability on current implementations... As I said before, its not trivial but its solvable. Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkldbpwACgkQvhwPecbXDdz3ZQCfVqMTbntYH1BTp768eBCbRLct OeYAoIys5WDDvSo3r9XSW7YwZPCTaicV =waS0 -----END PGP SIGNATURE-----
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: idea Matt Jonkman (Jan 01)