Re: Certificates
But were the packages not signed with the public key of the software vendor/distributor ? Or are we dealing with a bunch like slack ?
OK: I don't know how this is done in the windows world, and if you have never installed anything from the vendor you will not have the key (so getting it could be spoofed) ... but Skype is from Microsoft and so the Windows machine will have their signing key ... so if the installer does not complain we need to ask how the spooks got their malware signed to make it look legitimate.
Biting the hand that feeds IT
