Re: Not directly related but...
Of course it is. That's why anyone who's remotely serious about distributing executable contents will PGP-sign their packages.
I take it the time you refer to was a more innocent era. Not this century.
And of course, you can't entirely protect dumb users from counterfeits!