Free Tools

Discussions Are the updates in the sophos virus removal tool digitally signed? I see that they are not sent over an SSL connection so I'm wondering how the tool knows the updates have not been tampered with.

Free Tools requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 8 subscribers
Views 3258 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Are the updates in the sophos virus removal tool digitally signed? I see that they are not sent over an SSL connection so I'm wondering how the tool knows the updates have not been tampered with.

Jim Bob over 7 years ago

Would like to understand how sophos guarantees the integrity of the update files for svrt

This thread was automatically locked due to age.

0 QC over 7 years ago

Hello Jim Bob,

[I'm not Sophos]
the individual IDEs are in a format that should ensure internal integrity and validity. The Warehouse (that's where the stuff is downloaded from) uses checksums and signed catalogs that enable the downloader to verify its and the download's integrity and completeness. Note that the detection data (IDEs and VDLs) are platform independent and SVRT comes with its own certs.

Christian
Cancel
Vote Up 0 Vote Down

Cancel