On Mon, 30 Oct 2006 01:08:15 PST, Aryeh Goretsky said: > Hello, > > Microsoft has a new plugin available for reporting spam to Microsoft directly > from within Outlook. More information, plus download instructions at: > > <http://www.microsoft.com/downloads/details.aspx?FamilyID=53541292-ce94-4c 5b-9127-b7d56f11b619&DisplayLang=en> > > What's strange is that the .MSI file is not signed. > > It is mildly ironic that Microsoft didn't place the file in an AuthentiCode > wrapper. I would think that a tool designed to improve user security would > have this.
Yeah well, they had to cut a few corners to make the ship date - after all, they only have 2 months left to solve the spam problem like Bill Gates promised. :) More seriously though - does it really *matter*? Consider the class of users that will report spam directly to MS - they wouldn't understand if it was signed, or what the benefits are. Conversely, the people who understand what AuthentiCode is almost certainly already have procedures in place. "Wow, I'm so clued I know what Authenticode is. Gee, I'd report all this spam if somebody gave me a big shiny button I'm too lame to do myself...." :)
pgpnPvIgPLQyO.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
