funsec mailing list archives

Re: idea

From: silky <michaelslists () gmail com>
Date: Fri, 2 Jan 2009 09:59:33 +1100

On Fri, Jan 2, 2009 at 4:22 AM, Mike Preston <mike () technomonk com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Its not that bad an idea...

However, you still need to find a way to find the sites in the first
place, find out they are who they say they are and then authenticate the
downloads.

Not impossible, but not trivial either.


I guess a trivial solution is just a bittorrent with relevant files in
it. If AV companies issued updates out over BT as well, that would be
nice. They could have a process of signing each update (do they
already?) so that they're validated.

Pretty trivial.

Mike Preston


-- 
noon silky
http://www.boxofgoodfeelings.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: idea Matt Jonkman (Jan 01)
- Re: idea RandallM (Jan 01)
  - Re: idea Mike Preston (Jan 01)
    - Re: idea silky (Jan 01)
    - Re: idea Mike Preston (Jan 01)
    - Re: idea silky (Jan 01)
    - Re: idea Valdis . Kletnieks (Jan 01)
    - Re: idea Rich Kulawiec (Jan 02)
- <Possible follow-ups>
- Re: idea Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 01)
- Re: idea Todd Parker (Jan 01)
- Re: idea Valdis . Kletnieks (Jan 01)
- Re: idea Ben Li (Jan 02)
  - Re: idea Alex Eckelberry (Jan 02)
    - Re: idea Tomas L. Byrnes (Jan 03)

(Thread continues...)