1996-07-12 - Reasonable validation of a software package

Header Data

From: Anonymous User <nobody@c2.org>
To: cypherpunks@toad.com
Message Hash: d25b642af8771590ec8872b393d17d72e17d4ba283e5fafbc2318361d9682059
Message ID: <199607121405.HAA09514@infinity.c2.org>
Reply To: N/A
UTC Datetime: 1996-07-12 21:18:55 UTC
Raw Date: Sat, 13 Jul 1996 05:18:55 +0800

Raw message

From: Anonymous User <nobody@c2.org>
Date: Sat, 13 Jul 1996 05:18:55 +0800
To: cypherpunks@toad.com
Subject: Reasonable validation of a software package
Message-ID: <199607121405.HAA09514@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Fellow cpunks:

I am working on various software packages for UNIX and
Windows and since this is commercial work and prior NDA's
are involved, I can't include the source code for
absolute validation.

What would assure one that a package has not been tampered
with from the company to the user?

(Currently, I am using PKZIP's rather anemic AV protection,
as well as signing the archive with my PGP key.  I am 
wondering if there are any other steps I need to take to
assure that a package came from me, and wasn't 
damaged/altered/tampered with in transit.)

Thanks in advance.






Thread