How much (and why) to trust Trusted vendors?

Started by Stephen, July 05, 2019, 07:04:06 AM

Previous topic - Next topic

Stephen

I can't help wondering how much should one trust trusted vendors. I'm running ReHIPS in Expert mode and I receive a number of alerts about programs being about to be run by trusted vendors. This raises the following questions to me as a new user:

1. What makes a vendor trusted?

2. Is there a risk that someone else (a program) may impersonate a trusted vendor and fool me when running ReHIPS?

3. What should I take into account before I add one to the list of trusted vendors?

fixer

Trusted vendors are more for Standard Mode. According to https://forum.rehips.com/index.php?topic=9539.0 it doesn't matter much in Expert Mode.

Trusted vendors list is filled manually (along with predefined list of trusted vendors installed with other rules). This list can be seen in Settings.

Simple impersonation isn't possible due to cryptographic nature of digital signatures. The risk here is the certificate gets stolen and some malware is signed with it. Gets more and more widespread lately.

Add some really trusted vendors who aren't likely to get their certificate stolen :)