Reply to post: Re: I dunno if this would work...

Your antivirus doesn't like Ammyy. And fraudsters will use that to RAT you out (again)

JLV

Re: I dunno if this would work...

That's a good idea. But I think it's what the hash signatures you see on some downloads are used for. Of course that supposes you can ensure that your good hashes are stored elsewhere and secured against manipulation.

Sobering incident. Both for someone wanting to distribute software and someone installing it.

I always think that the less sites you trust as download sources, the better. App Stores are OK by me, so are the open source repos for Linux and Port/Homebrew (Mac). Past that... I need to really need that software.

PyPi, the Python script repo is another worrying example. Not sure how much vetting, if any, is taking place on uploads. Yes, you can read what you download, but install scripts have already, as sudo, run by then. And it doesn't take many lines of Python to make a mess.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022