undefined | Better HN

0 pointsiancarroll9y ago0 comments

Doing revocation checks on every executable whenever it's launched would introduce non-trivial latency with starting applications and a _lot_ of load on revocation servers. It probably wouldn't be feasible.

And yes, AVs stop adware ("potentially unwanted programs") unless you tell them not to.

0 comments

1 comments · 1 top-level

epistasis9y ago

Not sure why you'd check revocation servers on every launch... Check when launched the first time, and then the system checks for new revocations periodically; let's say as frequently as AV software checks for definition updates.

As for adware, if AV can stop it, code-signing methods can do it more efficiently and cheaper.

j / k navigate · click thread line to collapse