Shoutbox

Each build is purposely compiled in 2 flavours though with the only difference being the signature. It takes extra work to do this, so I'm sure there is some reasoning behind it.

I could've sworn he mentioned that he was changing the signing back to being "Patchou" as part of the whole community being disillusioned with Yuna business?

quote:

---

Originally posted by Menthix
Something I never really understood though. Why are half of the installer files still digitally signed by Patchou (when you update) and the other installers are signed by Yuna Software?

---

indeed. I'm wondering the same since a while now.

quote:

---

Originally posted by djdannyp
I could've sworn he mentioned that he was changing the signing back to being "Patchou" as part of the whole community being disillusioned with Yuna business?

---

Could it be that you read that in some of those 'conspiracy' threads said by someone else (not Patchou)? Saying it is to 'hide' Yuna Software and to cover things up?

Because other than the delay with build 372 back in october 09, caused by VeriSign, I have never seen Patchou saying anything about the singing, AFAIK at least.

The different signing scheme has also not changed since before though. There have always been double builds since the signing with 'Yuna' started and the implemention of different sponsors (toolbar vs. ask.com vs. CiD): The builds downloaded via the update have consistantly been signed by 'Patchou', while the builds downloaded directly via the website are always signed by 'Yuna'. So this was already happening before the big outcry.

This indeed seems a bit strange, confusing (and more work, as Menthix puts it).

Yay! Thanks Patchou

quote:

---

Originally posted by Menthix
Something I never really understood though. Why are half of the installer files still digitally signed by Patchou (when you update) and the other installers are signed by Yuna Software?

---

That has to do with the way auto-updates are protected. When Messenger Plus! downloads the update file (as part of auto updates of /checkupdates manual downloads), it authenticates the file before launching it. This way, if some day, someone was to hack our servers and replace the update file by something else, it would not be executed on clients computers.

Until last year, Messenger Plus! was told to validate on my own signature: "Patchou". Now, it validates both "Patchou" and "Yuna Software". In order for old Messenger Plus! installations to accept the update, the auto-update file has to be signed by "Patchou". This will eventually be phased out this year as it won't be needed anymore.

I see. Makes sense .

aaaaaaahhhh... makes indeed perfect sense... thanks for explanation...

So can anyone tell me why this FREEWARE download is infected with Win32.Adware.CiDHelp as I have just gone to download it as I am a fan of Messenger Plus! Live and my anti-virus software has just blocked it because it is infected with the above Trojan ?

quote:

---

Originally posted by bilbobagins75
So can anyone tell me why this FREEWARE download is infected with Win32.Adware.CiDHelp as I have just gone to download it as I am a fan of Messenger Plus! Live and my anti-virus software has just blocked it because it is infected with the above Trojan ?

---

If your using ESET Nod32 or Malwarebytes check the thread here http://shoutbox.menthix.net/showthread.php?tid=95106

When the version 5.0 whom will be compatible with the new Windows Live?
I believe that shouldn't have more tabs for the new version of MPlus!, that's cause the new windows live has tabs that are part with the program, there would be a series of conflicts with Windows Live.