Dailydave mailing list archives
Re: I love PKI :) (was Some Propaganda.)
From: ergosum <ergosum () neurosecurity com>
Date: Thu, 16 Nov 2006 23:22:59 +0100
Just to make it clear - I don't think that enforcing the use of digital signatures on all executables is an effective way to *block* malicious code execution. That would never work 100%, as there is always a possibility to find a bug (in a signed application) and exploit it, not to mention that anybody could buy a signature and sign his or her malicious code with it.
Not only might the implementation be flawed, but the algorithm itself can be flawed. Just remember the recent md5 collisions (http://www.stachliu.com/research_collisions.html) (which, btw, permitted the creation of custom binaries with the same signature as the original non-modified bin) or sha0 and sha1 (http://www.cryptography.com/cnews/hash.html) collisions.
Cheers
--
http://www.neurosecurity.com
"We must be the change we wish to see in the world" Mahatma Gandhi
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave