Please add a possibility to do an authenticy check of the files
on download. Preferably pgp-sign the files and make the signature file downloadable a long with the program files.
Publish the signing key and it's fingerprint at the projekt site for
verification.
For the same reason: publish a secure hash of the program files at
the project site. md5 is broken, SHA-1 can be used for some time, but preferable SHA-256 could
be used. (I recently encountered a SHA-1 collision for two slightly different program files.)
Rational:
UltraVNC has security implications and should be securely distributed.
Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Secure distribution of files
-
Rudi De Vos
- Admin & Developer
- Posts: 6879
- Joined: 2004-04-23 10:21
- Contact:
Re: Secure distribution of files
We are planning to buy a certificat to sign the software. (auth signing)
After signing exe are protected and installation will no longer complain
on unknown originin.
Thanks to donations we can spend a 200$ for a offical cert.
Don't know what encryption is used by the MS signing tools, but as they use it thereself it should do the trick.
After signing exe are protected and installation will no longer complain
on unknown originin.
Thanks to donations we can spend a 200$ for a offical cert.
Don't know what encryption is used by the MS signing tools, but as they use it thereself it should do the trick.
Re: Secure distribution of files
I would happy to send 200$ for sign the software by Rudi De Vos, pchelpware
so, there no problem for antivirus and spyware and support can be downloadable from some cybercafe allow only signed software to be used.
the example at Geneva, train station.
so, there no problem for antivirus and spyware and support can be downloadable from some cybercafe allow only signed software to be used.
the example at Geneva, train station.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Re: Secure distribution of files
What about the DSM-plugins for encryption?
-
Rudi De Vos
- Admin & Developer
- Posts: 6879
- Joined: 2004-04-23 10:21
- Contact:
Re: Secure distribution of files
There is a 256bit encryption and DH 512 buildin.
For Pchelpware concept, buildin encryption is better.
For Pchelpware concept, buildin encryption is better.