Jump to content

linux_user

Members
  • Posts

    2
  • Joined

  • Last visited

About linux_user

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Poland
  1. Thanks for your answer Arakasi! But I still think there is an issue here. When you download the Windows version of ESET software you get a digitally signed executable so you're good even if there's no https, as Windows checks the signatures. When you download the Linux version you don't have that luxury. Neither you are provided with the official checksums/hashes for the installer files and you have to resort to some other solution like the one you mentioned. Still, that is not a perfect solution as e.g. a malicious state-level actor (to not call names) could "patch" files right after they leave the ESET server, making every single copy of them modified in the same way. Everyone would download the same files, virustotal wouldn't complain but you would still end up with a malware/rootkit on your system. Not that likely scenario, but why is turning https on/providing official checksums not feasible? PS. I actually purchased the license for the Linux version, in case it looked like I was writing about the trial version.
  2. I cannot find a working https:// download URL for the Linux installer, so there's no way I can be sure that the downloaded file is genuine. Can this be fixed?
×
×
  • Create New...