Taking signatures seriously

Caution: Pets Patrol Inc. asserts that this content is safe, but do you trust them? Computer Associates offers free spyware scanning, which is nice.

To run the test, you have to let a signed ActiveX control run in Internet Explorer. That's OK.

But they do essentially tell me to ignore the security dialog: This screen lets you know that eTrust PestScan is a signed or certified ActiveX application that you can trust. That is more than the signature actually tells me. The signature tells me that some company—in this case Pest Patrol Inc.—says I can trust it.

Problem is: I never before heard of Pest Patrol Inc. While I trust Computer Associates, I do not trust a company I never even heard of. If I am this sloppy with signature authenticaton, there is little wonder that I get infected with spyware.

And this is not only CA—hardly anybody expects their end users to check a signature.

Postet av: Jan Egil Kristiansen

PS: My experience is that Pest Scan must be run under an administrator account, but that the error message only tells you to enable ActiveX.

11.05.2005 @ 23:24

Skriv en ny kommentar:

Husk meg ?




Trackback-URL for dette innlegget: