Re: Yahoo Pager auto-update

From: Sergiy Zhuk (serge@YAHOO-INC.COM)
Date: Wed Aug 05 1998 - 16:51:25 PDT


    hi
    
    On Wed, 5 Aug 1998, Ralf Rudolph wrote:
    
    > Today, when I started the yahoo pager, it automatically downloaded
    > executable files from http://pager.yahoo.com/pager/download/ (files
    > ypager.ex_, d23-fw.dl_, myyahoo.dl_ and possibly others) and installed
    > them without asking me. AFTER the upgrade, a message "Application
    > successfully upgraded!" was displayed.
    
    well, according to our engineers, Yahoo Pager doesn't update its binaries
    automatically, you'll be asked to confirm the update.
    But the updater itself *will* be updated automatically w/o your confirmation
    which is not a Good Thing.
    
    They are aware of it and they're trying to fix it.
    
    Simple user confirmation doesn't protect your files anyway.
    One should probably check the integrity of files or/and sign them somehow.
    
    > btw: The yahoo pager is only one example: Many software vendors offer
    > online upgrades. It just sounds like a bad idea to me to allow this
    
    yes, Symantec, for example...
    
    rgds,
    serge
    
    --
    +-------------------------------------+-------------------------------------+
    | Sergiy Zhuk                         | serge@yahoo-inc.com                 |
    | Technical Yahoo                     | +1-408-731-3546                     |
    | Yahoo!, Inc                         | http://www.yahoo.com/               |
    +-------------------------------------+-------------------------------------+
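
The closing suggestion in the message above (check the integrity of the files and sign them), sketched in Go as an added example that is not part of the original post or of Yahoo's code. The manifest format, the function names and the throwaway key are assumptions; the file names come from the quoted report and the file contents are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// VerifyUpdate passes only if the manifest (file name -> lowercase hex SHA-256)
// is signed by the pinned key and the downloaded file set matches it exactly.
func VerifyUpdate(pub ed25519.PublicKey, manifest, sig []byte, files map[string][]byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, manifest, sig) {
		return fmt.Errorf("manifest signature invalid")
	}
	var want map[string]string
	if err := json.Unmarshal(manifest, &want); err != nil {
		return fmt.Errorf("manifest unreadable: %w", err)
	}
	if len(files) != len(want) {
		return fmt.Errorf("file set differs from manifest")
	}
	for name, data := range files {
		sum := sha256.Sum256(data)
		if hex.EncodeToString(sum[:]) != want[name] {
			return fmt.Errorf("%s: not listed or digest mismatch", name)
		}
	}
	return nil
}

// demo signs a constructed release with a throwaway key standing in for the
// vendor's, then checks it before and after one file is replaced in transit.
func demo() (clean, tampered error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	files := map[string][]byte{"ypager.ex_": []byte("pager v2"), "d23-fw.dl_": []byte("library v2")}
	want := map[string]string{}
	for name, data := range files {
		sum := sha256.Sum256(data)
		want[name] = hex.EncodeToString(sum[:])
	}
	manifest, _ := json.Marshal(want)
	sig := ed25519.Sign(priv, manifest)
	clean = VerifyUpdate(pub, manifest, sig, files)
	files["ypager.ex_"] = []byte("replaced in transit")
	return clean, VerifyUpdate(pub, manifest, sig, files)
}

func main() { fmt.Println(demo()) }
```

The check is meant to run before any downloaded file is written or executed, and it applies to the updater binary as much as to the files it fetches.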
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:29 PDT