It was an architectural problem, not an encryption problem. Even with AES instead of 3DES, the same issue would exist, which is spoofing the commands of any of the legitimate MSI services.
reply
Yeah, it wouldn't have changed this specific case, but still, why use it? It's slower even without AES-NI!
reply
Is there a valid reason to use any encryption at all if you generally can't sniff the traffic unless you can also sniff the key, and if the key is arbitrary and not verified against anything?
reply
AES is so cheap with hardware acceleration that I could see an argument that it prevents casual sniffing of the traffic. Personally I think the false sense of security would outweigh those benefits, but I'm not in their shoes.

But DES is so broken that it's more of a giant flashing beacon saying "look here there are terrible decisions being made!"

reply
What casual sniffing? It's a pipe. If you can sniff that, you can sniff all the traffic because the very first message is the key in plaintext.
reply
I mean they're still using Inno Setup which was pretty cool in 2004.
reply
Unfortunately, plenty of folks still didn't get the memo that MSI and MSIX exist.
reply
Unfortunately, WiX is still a pain in the ass to use and there's a lot of simple tooling that makes NSIS/InnoSetup/etc shockingly easy to use while the same MSI experience is garbage.

MSIX is just a different beast entirely too.

reply
What about using the Visual Studio packaging tools?

I live in the .NET/C++ universe with regard to Windows development, so it might be that it isn't as nice for non-blessed stacks.

reply
For some reason, that holds an appxbundle per the article. I'd suspect they needed to run some pre- or post-install code (maybe to check for their hardware?).
reply
I mean, I still build Windows installers with NSIS, which has somehow just worked for decades.
reply