FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Do you trust these signers? Update 1.13.1

CBerg
Senior

‎2023-08-02 03:52 AM

Hello Community

the new update 1.13.1 just popped up. When I click throuhg the update process the following windows pops up:

signers.png

 

To be honest: this does not look very trustworthy. Even if "Legion of the Bouncy Castle" seems to be a legit certificate from Oracle, the other two signers have no information where I could check the authenticity. I will not trust these signers. => i will not install this update.

And by the way: would someone please be so kind to tell Oracle, that "Legion of the Bouncy Castle" is IMHO NOT a suitable name to generate trust. I'd rather expect this to be the self given name of a Nigerian Scammer Group ...

In General i had already serious hedache with trusting the signers in the previous updates. I'd really appreciate it, if ST could add a valid certificate for all this stuff. This time it's simply to much uncertainties. Please fix that, if you can, thank you!

4 REPLIES 4
Pavel A.
Evangelist III

‎2023-08-02 04:06 AM

Why Oracle? CubeIDE no longer ships with JRE from Oracle?

0 Kudos
CBerg
Senior
In response to Pavel A.

‎2023-08-02 04:21 AM

Why Oracle? Good Question, I have no Idea. I did not pack the installer for this update ...

the first entry in the list in the screenshot above is, that I should trust "Legion of the Bouncy Castle", which seems to be a branch of Oracle. At least it says so, when I click on that entry and read the description.

0 Kudos
xeng_EE
Associate

‎2024-04-04 12:52 PM

Did you trust it?

0 Kudos
CBerg
Senior
In response to xeng_EE

‎2024-04-04 10:48 PM

Nope, I did not. But I installed the Software anyway, because I had no other option, but with a very bad feeling in my guts ...

0 Kudos
Top