[Dailydave] NSRL status check
Joanna Rutkowska
joanna at invisiblethings.org
Tue Dec 12 19:25:50 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gadi Evron wrote:
> Yes, I know that all the paranoid people would say: "software vendors
> can not be trusted!". But that's actually what it is - a paranoia ;) And
> it's better to trust software vendors that your A/V vendors ;) Sorry to
> all A/V vendors - it's nothing personal - I just don't believe in
> blacklisting :/
>
>> Many of them already do. And it's often the AV vendors who sign their
>> binaires.
>
How can they do that if most of the applications are not signed today?
Also, I'm not talking about prevention, I'm talking about verification.
Please do note the difference.
joanna.
-----BEGIN PGP SIGNATURE-----
iD8DBQFFf0iNORdkotfEW84RAlAPAJ45M204/eg9yDjFitNvkRwa2nhchQCfU38h
hQrzidKFH9ZbAuafUDa0yRw=
=S6+d
-----END PGP SIGNATURE-----
More information about the Dailydave
mailing list