JDownloader Community - Appwork GmbH
 

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 08.11.2024, 22:06
bugnotme bugnotme is offline
BugMeNot Account
 
Join Date: Apr 2013
Posts: 404
Question jdownloader updates over insecure connections?

Hi

I'd like to know how jdownloader works when doing updates.
Does it force an https connection to the update site? Or does a digital signature verification?

Verifying a checksum is not enough since over an insecure connection an attacker can spoof the checksum value.

I've accidentaly updated jdownloader over an insecure connection and now I'm concerned about the possibility of malware injection.

For those who think this is paranoia. It is not. It does happen. And has been the case for more than a decade. Example: **External links are only visible to Support Staff****External links are only visible to Support Staff**

I tried searching the knowledge base but couldn't find anything.
Any replies from the developers or link to docs or knowledge base is appreciated.

Thanks
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 01:21.
Provided By AppWork GmbH | Privacy | Imprint
Parts of the Design are used from Kirsch designed by Andrew & Austin
Powered by vBulletin® Version 3.8.10 Beta 1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.