<<< Date Index >>>     <<< Thread Index >>>

Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer



> Signed applications and signed DLLs and signed drivers [...] coming
> to a Unix near you SOONER rather than later.

> Or is that the kind of thing you disable upon installation because it
> gets in the way of you being able to install whatever "you" want ?

Depends.  Does it include the tools necessary to sign my own code?

If not, yes, I will disable it, to the point of running a different OS
if necessary.

If so, what's to stop a malware creator from using those same tools to
sign the attack vector?

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse@xxxxxxxxxxxxxxxxxxxxxx
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B