Violation Type:Recklessly Insecure Software Distribution

From Violations Tracker
Jump to: navigation, search
Violation Type

Recklessly Insecure Software Distribution

An entity distributes software in a recklessly insecure way, for example over an unencrypted HTTP connection, and without any means of integrity verification, such as a PGP signature, and where the type of software in question is high risk (for example, firmware, operating system images, or applications for unsandboxed operating systems).