Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
> Signed applications and signed DLLs and signed drivers [...] coming
> to a Unix near you SOONER rather than later.
> Or is that the kind of thing you disable upon installation because it
> gets in the way of you being able to install whatever "you" want ?
Depends. Does it include the tools necessary to sign my own code?
If not, yes, I will disable it, to the point of running a different OS
if necessary.
If so, what's to stop a malware creator from using those same tools to
sign the attack vector?
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@xxxxxxxxxxxxxxxxxxxxxx
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B