| www.delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-1.0 required=5.0 tests=AWL,BAYES_40 |
| X-Spam-Check-By: | sourceware.org |
| X-Cloudmark-SP-Filtered: | true |
| X-Cloudmark-SP-Result: | v=1.0 c=1 a=aCRlMrwmDrwA:10 a=VphdPIyG4kEA:10 a=8nJEP1OIZ-IA:10 a=zk19hA/YTAL+guUbg/dVXQ==:17 a=w_pzkKWiAAAA:8 a=yTjZ8ly3yTlD4xex37UA:9 a=ZeJTD8JhC5hYVstuCN8A:7 a=y8y1AxXhALBjRAWA7uj-SWQJla0A:4 a=wPNLvfGTeEIA:10 a=1PuaHO8Oc9MA:10 |
| Message-ID: | <4B9EEC2D.9020602@monai.ca> |
| Date: | Mon, 15 Mar 2010 19:25:49 -0700 |
| From: | Steven Monai <steve+cygwin AT monai DOT ca> |
| User-Agent: | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: incomplete/corrupted setup.exe |
| References: | <1268526388 DOT 20918 DOT ezmlm AT cygwin DOT com> <Pine DOT LNX DOT 4 DOT 58 DOT 1003141111350 DOT 14642 AT mail3 DOT jubileegroup DOT co DOT uk> <20100314163002 DOT GA12172 AT ednor DOT casa DOT cgf DOT cx> <03988E63C1BD48809EA3A27E4D6A3661 AT phoenix> <4B9D1B9C DOT 6000302 AT monai DOT ca> <20100314190223 DOT GD13515 AT ednor DOT casa DOT cgf DOT cx> |
| In-Reply-To: | <20100314190223.GD13515@ednor.casa.cgf.cx> |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On 2010/03/14 12:02 PM, Christopher Faylor wrote: > We are not going to be installing an https server in the hopes that it > will defeat misguided setup.exe blocking for the same reason that we > won't be adopting a new versioning scheme - neither is a guarantee. > > I don't mind trying to figure out clever ways to defeat Windows > limitations but I draw the line at spending nontrivial amounts of my > time trying to deal with brain-dead limitations of users' networks. > > The way to install Cygwin on your computer is to click on the "Install > Cygwin Now!" link at http://cygwin.com/ . If you can't get that to work > then you need to work with your local IT to figure out why. IT departments are becoming increasingly security conscious. That's probably why the OP had trouble downloading setup.exe. It wasn't because his IT was "brain-dead", but because there are legitimate security concerns about downloading an unsigned exe over a non-SSL-authenticated channel. I suggest people inform themselves about the current state of art in "man-in-the-middle" hijacking attacks, because the means by which cygwin.com currently distributes setup.exe is vulnerable to a MITM surreptitiously delivering a trojan setup.exe in place of the actual. For this reason, I caution Cygwin users against downloading setup.exe over unsafe networks (e.g. public wireless hotspots, hotel networks, etc.). -SM -- -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |