• bleistift2@feddit.de
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Edge has no way to find out that the random .exe you just downloaded is Microsoft Teams and has not been tampered with. It would be reckless to not warn the user about downloading files from the web.

    • Thermal_shocked@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      It came from their site, directly from the link inside the personal teams splash page… Can’t fingerprint it? Or read the md5?

      • bleistift2@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        11 months ago

        What would they compare the MD5 against? This would mean having all the MD5 files of all the software on all the internet baked right into edge. Or they would have to configure (probably multiple) repositories of known good MD5s to check against. All that’s quite a lot of work just to save you from having to click “Yes” once more.

        If you really want to only use software that MS deems safe, why not use the Microsoft store instead of downloading the software yourself?

          • bleistift2@feddit.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            why are you arguing about this?

            We are arguing about this. And I’m doing this because you’re not getting that what you’re asking for is impossible. Even if you’re downloading a file from a server called microsoft.com via SSL, the file may still be corrupt. The chance is slim, but still the risk is too big for Microsoft to tell their users, “Go ahead, it’s fine.”