Jason,
> snipped my and some of Jason's text for brevity: >I am merely pointing out that your claim the software is not useable by you >because of this limitation is not true. Its usability is not the question, but the possibility of "man-in-the-middle" forgeries. Sure people can use anything, if they don't care about their system and data. >It is your requirement, not the rest of the world. Wrong, the need for authentication is not novel nor bad. As for your exaggeration about the "rest of the world". Better you give me one linux distribution or gnu application that does not have methods to verify their contents. I am waiting for your kind reply; > I don't care if you use it or not. I am a user, have >been for a very long time. No problems. Support is great, product is >great, community is great. Then there shouldn't be any problem for providing methods to verify download binaries. For all we know in your case, you have downloaded a virus infected version that is simply montoring you system and reporting or what ever is possible. You have not way to check. >If you have a requirement for something and this does not meet that >requirement. Move on. Sorry to dissapoint you opinion, but I think it would be better for all, both users and develepers to protect the code. >>I would be glad to instruct you as to how to generate an md5 or sha1 >>checksum, but this is so trivial that "not" providing one detracts from your honesty. >Really? That makes me laugh. Detracts from honesty? Please, move on to >another project. You may laugh, but you completely ignored the assertion. Makes one wonder of your purposes. > Jason Short, Ph.D. - Yes, my PhD is in computer science... I KNOW how to > generate md5 (useless) and sha1 checksums. They don't provide ANY security. > And don't bother to reply. If it does not meet your needs, MOVE ON. Jason Short, Ph. D., in computer science..... Now sir I must laugh and laugh loud indeed. The md5sum adds a measure of security and the secure hash algorithm 1 (sha1) adds simular like. I noticed also that you ignore gpg or pg signatures as a method of certification. I recommend that you go back to school and study next time, if indeed that is your degree, or better, since you tried it once move on to another subject, like how to sneak viruses into peoples computers... You seem inclined to it. yours truely. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32 _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32
