Re: Why are programs not digitally signed to protect against viruses?
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 06/29/05
- Next message: RobLee: "Re: unknown processes????"
- Previous message: Sandy Wood: "Windows Update v6 on 2003 server going nowhere"
- In reply to: S Marsden: "Why are programs not digitally signed to protect against viruses?"
- Next in thread: John [MSFT]: "Re: Why are programs not digitally signed to protect against viruses?"
- Reply: John [MSFT]: "Re: Why are programs not digitally signed to protect against viruses?"
- Reply: Roger Abell [MVP]: "Re: Why are programs not digitally signed to protect against viruses?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Jun 2005 18:46:45 -0500
My guess is that may be related to issues with cost, development time, and
performance. Windows XP Pro offers Software Restriction Policies which can
be used to restrict what applications a user can install and execute based
on hash, certificate, and path rules with default security levels of
unrestricted or disallowed. If you are interested in SRP see the link below.
The free tools from SysInternals - Process Explorer and Autoruns - will also
tell you if the executable associated with a process is digitally signed or
not, though as you mention, the fact that a file is not digitally signed does
not mean it is malicious. --- Steve
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
"S Marsden" <S Marsden@discussions.microsoft.com> wrote in message
news:42761726-E97B-4B7D-8FD1-DA004E6F8DCD@microsoft.com...
> Why are Windows and all other software programs' DLLs not digitally
> signed? Wouldn't this make it a lot easier to determine what files on a
> computer were valid, and which were potential viruses?
>
> When a dll or exe or cab file is signed, and you right click that file,
> you will see a tab for "Digital Signatures" and you can verify that the
> file is actually from who it says it is from. The "Versions" tab on file
> properties shows the company but this can be easily spoofed by anyone who
> writes their own program.
>
> Whenever we have a virus, we painstakingly go through each service and do
> Google and Symantec searches on it, to try and verify its authenticity. A
> digital signature for each file would allow this process to be automated.
> The computer could be scanned and all unsigned suspect programs could be
> identified automatically.
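
The automated scan asked about in the quoted question, applied to Windows services, as an added example that is not part of either post. It uses the built-in Get-CimInstance and Get-AuthenticodeSignature cmdlets; the helper name Get-ServiceBinaryPath is hypothetical, and the script assumes PowerShell 3.0 or later in an elevated session.

```powershell
# Added example: list service binaries whose Authenticode signature is not 'Valid'.
# Get-ServiceBinaryPath is a hypothetical helper name, not a built-in cmdlet.

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # Win32_Service.PathName is a command line: either a quoted path, or an
    # unquoted path followed by arguments (e.g. "svchost.exe -k netsvcs").
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $PathName.Trim()
}

$report = foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if (-not $svc.PathName) { continue }

    $raw  = Get-ServiceBinaryPath -PathName $svc.PathName
    $path = [Environment]::ExpandEnvironmentVariables($raw)

    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        # A service pointing at a missing file is worth reviewing on its own.
        [pscustomobject]@{ Service = $svc.Name; Path = $path
                           Status = 'FileNotFound'; Signer = $null }
        continue
    }

    $sig = Get-AuthenticodeSignature -LiteralPath $path
    [pscustomobject]@{
        Service = $svc.Name
        Path    = $path
        Status  = $sig.Status   # Valid, NotSigned, HashMismatch, NotTrusted, ...
        Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }
                  else { $null }
    }
}

# Unsigned does not mean malicious: this list is a starting point for manual
# review, not a verdict. Services hosted in svchost.exe are checked only by
# their host executable, not by the DLL they load.
$report |
    Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object Status, Path |
    Format-Table -AutoSize -Wrap
```

Files signed only through a Windows catalog rather than an embedded signature may be reported as NotSigned on older PowerShell versions, so confirm those with Process Explorer or Autoruns before treating them as suspect.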