Mailing List Archive: ClamAV: win32

binary verification



henman at tech

Jun 21, 2007, 12:39 AM

Post #1 of 2 (822 views)
binary verification

Jason,


> snipped my and some of Jason's text for brevity:

>I am merely pointing out that your claim the software is not useable
>by you
>because of this limitation is not true.

Its usability is not the question, but the possibility of
"man-in-the-middle" forgeries.
Sure, people can use anything if they don't care about their system and
data.

>It is your requirement, not the rest of the world.
Wrong; the need for authentication is neither novel nor bad. As for your
exaggeration about the "rest of the world": better you give me one
Linux distribution or GNU application that does not have methods to
verify its contents. I am waiting for your kind reply.

> I don't care if you use it or not. I am a user, have
>been for a very long time. No problems. Support is great, product is
>great, community is great.
Then there shouldn't be any problem with providing methods to verify
downloaded binaries.

For all we know, in your case you have downloaded a virus-infected
version that is simply monitoring your system and reporting, or whatever
is possible. You have no way to check.

>If you have a requirement for something and this does not meet that
>requirement. Move on.
Sorry to disappoint your opinion, but I think it would be better for all,
both users and developers, to protect the code.

>>I would be glad to instruct you as to how to generate an md5 or sha1
>>checksum, but this is so trivial that "not" providing one detracts from
>>your honesty.

>Really? That makes me laugh. Detracts from honesty? Please, move on to
>another project.
You may laugh, but you completely ignored the assertion. Makes one
wonder about your purposes.

> Jason Short, Ph.D. - Yes, my PhD is in computer science... I KNOW how to
> generate md5 (useless) and sha1 checksums. They don't provide ANY
> security.
> And don't bother to reply. If it does not meet your needs, MOVE ON.

Jason Short, Ph.D. in computer science..... Now, sir, I must laugh, and
laugh loud indeed.
The md5sum adds a measure of security, and the secure hash algorithm 1
(sha1) adds similar.
I noticed also that you ignore gpg or pgp signatures as a method of
certification.

I recommend that you go back to school and study next time, if indeed
that is your degree, or
better, since you tried it once, move on to another subject, like how to
sneak viruses into people's computers... You seem inclined to it.

yours truly.



_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32



sarocet at gmail

Jun 21, 2007, 6:50 AM

Post #2 of 2 (742 views)
Re: binary verification [In reply to]

henman wrote:
> Jason,
>
>
> > snipped my and some of Jason's text for brevity:
>
> >I am merely pointing out that your claim the software is not useable
> by you
> >because of this limitation is not true.
>
> Its usability is not the question, but the possibility of
> "man-in-the-middle" forgeries.
> Sure people can use anything, if they don't care about their system and
> data.
>
If your binary is forged, whatever place you grab the hash from (usually
the same site) may be forged too. gpg signatures are harder to forge, but
to verify that it's a reliable signer you need a good certificate
chain... which will only be on the very same site.

Checksums are useful. When the files I download provide them, I usually
check them, basically because I want to make sure the file wasn't
corrupted in downloading.
It'd be very difficult to find a Linux distro whose ISO doesn't provide
a way to verify the file. They're big files, and an error is not so
uncommon. If you ask for help about problems, the first thing they'll
ask you is: Have you verified the md5?
But if there were somebody in the middle trying to inject a trojan into my
download, he'd probably succeed.

You should think about what you want. Just check for integrity?
Compressed files like Zips don't usually provide verification hashes, as
they have a CRC built in. MSIs probably do too.

On the other hand, if you want to be sure nobody could have altered your
files, why are you using binaries? You need to download the sources and
build the files yourself. Obviously, without ever applying an update you
haven't verified first.
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32
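One way to see the limitation sarocet describes, as an added example that is not part of the original thread: a small Python verifier for md5sum/sha1sum-style checksum manifests, run through the honest download, the corrupted download, the same-channel man-in-the-middle swap, and a digest pinned from an independent channel. The file bytes, file name and manifests are constructed for the example.

```python
import hashlib
import hmac

# Constructed sample "download" and the project's genuine checksum file
# (md5sum/sha1sum/sha256sum manifest format: "<hexdigest>  <filename>").
GENUINE_FILE = b"MZ\x90\x00 clamav-win32 installer (constructed sample bytes)\n"
TROJANED_FILE = GENUINE_FILE.replace(b"installer", b"installer+backdoor")
NAME = "clamav-win32-setup.exe"  # hypothetical file name
ALGORITHMS = {32: "md5", 40: "sha1", 64: "sha256"}  # hex digest length -> hashlib name


def parse_manifest(text):
    """Parse a *sum-style manifest into {filename: (algorithm, hexdigest)}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.lstrip(" *")  # '*' marks binary mode in GNU coreutils output
        algo = ALGORITHMS.get(len(digest))
        if algo is None or not all(c in "0123456789abcdef" for c in digest.lower()):
            raise ValueError("unrecognised digest in manifest line: %r" % line)
        entries[name] = (algo, digest.lower())
    return entries


def make_manifest(data, name, algo):
    """Produce the one-line manifest a project (or an attacker) would publish."""
    return "%s  %s\n" % (hashlib.new(algo, data).hexdigest(), name)


def verify_download(data, name, manifest_text):
    """True iff `data` matches the digest the manifest records for `name`."""
    algo, expected = parse_manifest(manifest_text)[name]
    actual = hashlib.new(algo, data).hexdigest()
    return hmac.compare_digest(actual, expected)  # constant-time comparison


def scenarios():
    """Return (honest, corrupted, mitm, pinned) outcomes the thread argues about."""
    genuine_manifest = make_manifest(GENUINE_FILE, NAME, "sha1")
    # 1. honest download: file and manifest both genuine -> passes
    honest = verify_download(GENUINE_FILE, NAME, genuine_manifest)
    # 2. file altered in transit, manifest fetched intact -> checksum catches it
    corrupted = verify_download(TROJANED_FILE, NAME, genuine_manifest)
    # 3. man-in-the-middle rewrites BOTH file and manifest on the same channel -> passes
    mitm = verify_download(TROJANED_FILE, NAME, make_manifest(TROJANED_FILE, NAME, "sha1"))
    # 4. same attack, but the expected digest was pinned from an independent channel
    pinned = verify_download(TROJANED_FILE, NAME, make_manifest(GENUINE_FILE, NAME, "sha1"))
    return honest, corrupted, mitm, pinned
```

Scenario 3 is the case a checksum alone cannot detect; only a reference obtained outside the download channel (scenario 4), or a signature verified against a key you already trust, closes it.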
