Illicit code signing certificates worth more than passports on the dark web

Discussion in 'other security issues & news' started by ronjor, Oct 31, 2017.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,072
    Location:
    Texas
    By Ian Barker
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    I hate this reliance on these things. Why not use GPG signatures like linux does in a repository? I hope I see the day (and soon) where something better than CA's starts getting used.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    That's why I don't rely on digital signatures in order to decide whether some app is trustworthy or not. It's all about behavioral monitoring. :thumb:
     
  4. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Never trusted them (ds), so I am fine.
    I hate that EAM puts so much trust in them.
    Now, Appguard gives you the option to use them or not.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.