this post was submitted on 13 Jan 2024
680 points (97.1% liked)

Comic Strips

12453 readers
3506 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS
 

Source: System 32 Comics

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 9 months ago (1 children)

Edge has no way to find out that the random .exe you just downloaded is Microsoft Teams and has not been tampered with. It would be reckless to not warn the user about downloading files from the web.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (1 children)

It came from their site, directly from the link inside the personal teams splash page... Can't fingerprint it? Or read the md5?

[–] [email protected] 0 points 9 months ago (1 children)

What would they compare the MD5 against? This would mean having all the MD5 files of all the software on all the internet baked right into edge. Or they would have to configure (probably multiple) repositories of known good MD5s to check against. All that’s quite a lot of work just to save you from having to click “Yes” once more.

If you really want to only use software that MS deems safe, why not use the Microsoft store instead of downloading the software yourself?

[–] [email protected] 1 points 9 months ago (1 children)

because it's directly from their site. why are you arguing about this? and the microsoft store is trash.

https://i.imgur.com/Aq0nh15.png

[–] [email protected] 1 points 9 months ago

why are you arguing about this?

We are arguing about this. And I’m doing this because you’re not getting that what you’re asking for is impossible. Even if you’re downloading a file from a server called microsoft.com via SSL, the file may still be corrupt. The chance is slim, but still the risk is too big for Microsoft to tell their users, “Go ahead, it’s fine.”