| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Code signing |
From: Mike N. On Thu, 7 Sep 2006 21:13:07 -0700, "Rich" wrote: > In practice, have you ever known this to be a problem with signed code? >How much actual malware do you hear of that is signed? >I can't think of any that wasn't some PR stunt by someone that signed a >demo which he released under his own name anyway. Adware uses this quite frequently to get in. http://www.symantec.com/avcenter/reference/techniques.of.adware.and.spyware.pdf #search=%22%22signed%20activex%22%20adware%22 Check out page 10 from spazbox.net The dialer below qualifies as malware. Although you get a prompt because of date expiration, the certificate chain is not shown, so it's not clear if there would have been a warning before - http://www.symantec.com/security_response/print_writeup.jsp?docid=2004-121917-5 031-99 It's clear that signing is only an extra step for malware writers, not an obstacle. If it becomes necessary to sign malware - under Vista for example, there is no reason to expect that it won't be signed. --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.