From: "Geo." 

"John Beckett"  wrote
in message news:40260778.39918569{at}216.144.1.254...

> I'm not saying that signing is invincible. Presumably people will take a
> serious look at it once the easy vulnerabilities have gone. However,
> Microsoft at least have their heart in the right place, and if they did it
> correctly, it would be pretty well impossible to download a fake update
> without some sort of warning (and the admin has to approve the updates
> before they are actually applied).

Oh hey, don't get me wrong. When it comes to making it easy to stay current
MS is best of the bunch.

My question was about using lots of outsourcing for the download. It just
seems to me when you do that it would make it easier to either compromise
one of the machines or possibly do some sort of dns misdirection or even
create a situation where files are out of sync. I mean there are a lot of
folks who don't like MS, how does MS know none of them work for the outfit
hosting the files or the dns entries for the download servers or whatever
else isn't being handled by MS?

Geo.

--- BBBS/NT v4.01 Flag-5