Re: Windows Vista Security Inherently Indeterminate?
- From: "BC" <callmebc@xxxxxxxxx>
- Date: 3 Oct 2006 05:05:05 -0700
david20@xxxxxxxxxxxxxxxx wrote:
In article <4oetg1Fea96iU1@xxxxxxxxxxxxxx>, Sebastian Gottschalk <seppi@xxxxxxxxx> writes:
david20@xxxxxxxxxxxxxxxx wrote:
In article <4oeds5Fe7io6U1@xxxxxxxxxxxxxx>, Sebastian Gottschalk <seppi@xxxxxxxxx> writes:
BC wrote:
I'm sure there will be some clever reverse engineering to get some trusty
utility apps working again, but then clever hackers and virus writers
will probably be able to do likewise.
As I already mentioned, the evil guys can simply aquire a certificate from
VeriSign. Thank you, Microsoft, for choosing the most incompentent CA.
Come on this was over 5 years ago now
http://www.verisign.com/support/advisories/authenticodefraud.html
It was 5 years ago since the still ongoing series of such incidents
started.
Please post details of subsequent incidents where Verisign has signed
certificates for someone falsely claiming to be Microsoft.
Well, maybe not Microsoft, but there was this from
the latter part of 2002, and it doesn't exactly comfort:
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,73996,00.html
-BC
.
- Follow-Ups:
- Re: Windows Vista Security Inherently Indeterminate?
- From: david20
- Re: Windows Vista Security Inherently Indeterminate?
- References:
- Prev by Date: Re: Windows Vista Security Inherently Indeterminate?
- Next by Date: Looking for help with 2 Factor Authentication Test Plans
- Previous by thread: Re: Windows Vista Security Inherently Indeterminate?
- Next by thread: Re: Windows Vista Security Inherently Indeterminate?
- Index(es):
Relevant Pages
|
|
