| ▲ | sidewndr46 8 hours ago | |
who on planet earth trusts a piece of software because Microsoft signed it? | ||
| ▲ | roelschroeven 8 hours ago | parent | next [-] | |
There are different types of trust, but at the very least with such a signature you can trust that the piece of software is really from Veracrypt and not from a malicious third party. | ||
| ▲ | repelsteeltje 6 hours ago | parent | prev | next [-] | |
For one: Most if not all virus scanners. A signature is a signal, not an absolute. Although, to be fair, if Microsoft (or most other CAs) had done a better job, then that trust would have carried more weight than it does currently. | ||
| ▲ | mr_mitm 8 hours ago | parent | prev [-] | |
Trust isn't binary, it's a spectrum. A signature is a signal that should increase trustworthiness. Not the strongest signal, perhaps even a weak one, but it's not zero. | ||