Sean Donelan wrote:
Regardless of the distribution method, geniune Microsoft
patches are always cryptographically signed by Microsoft.
Whether consumers can figure out how to check the signature
is a different question.
Lots can't. I recently put a fake "identity seal" on my personal web
site (go to https://arneill-py.sacramento.ca.us and put the mouse cursor
over the padlock on the left).
It's completely bogus: not only the artwork has been greatly inspired by
Comodo's thing (view the real thing here:
logo.html) when the actual SSL certificate comes from freessl.com, but
it also works even if you view the insecure page
Besides, I do not have a credit card processing system, although I do
accept donations in cash and gold bullions.
So, what you're looking at is nothing more than a little photoshop and
Guess what: I have received many questions that say in substance "how
much does it cost to get the same seal as yours and can you come install
it on my web server?"