Cryptographic signature check

In v 2.4, you get alerts of changes in the cryptographic signature for applications. How does this apply to v 3.0? Is it this simple: Defense+ warns you when updating a program, and this is indirectly considered as a similarity to the old 2.4 kind of warning? The 3.0 warning is “one step before” the 2.4 warning - when you have allowed (in D+) the update of the application, it’s pointless to add another warning from the firewall?



You may find this interesting:

Yes, thank you. The specific word of cryptographic was never mentioned, but it was interesting anyway.


Yep. But you should consider pending list too if you used Installer policy or alike. After purging the lookup will check the files and remove the safe ones. EDIT lookup now remove safe files only if they are placed in My safe list (3.0.14)
Now IIRC I remember that there was an alert for apps in pending list that had an existing rule. This is somewhat missing so using a malicious installer could pose some risks if the pending list is overlooked. Trusting any malicious app would pose the same risks. For what matters an installer could even place a rootkit on a computer…

But I guess I should test this more thoroughly as the installer policy actually triggers alerts sometime IIRC.
But trusted apps do not.

Ah, then I’ve got a clue what it’s about. Luckily (for me) I’m careful with what to execute, the risk of getting malware from a false installer is minimal.


NP I found few complaints about the safelist so I guess that adding more features to it will not be considered feasible. IMO pending list could also be used to track legit files placement and modification. I would certainly like to use V3 engine as an installation logger. It could prove useful to nail down DLL hell scenarios and software behaviour outlining.