funsec mailing list archives
Re: Sunbelt: Gromozon Malware Digitally Signed by Thawte
From: Valdis.Kletnieks () vt edu
Date: Wed, 12 Sep 2007 15:41:31 -0400
On Wed, 12 Sep 2007 19:00:45 -0000, Paul Ferguson said:
It's stuff like this that sometimes makes you just throw your hands in the air. http://sunbeltblog.blogspot.com/2007/09/for-shame-thawte-trusts-gromozon.html
Unfortunately, that's Working As Designed. Authentication vs Authorization. Thawte has certified that malware really *is* from Gromozon, and not from some even sleazier entity pretending to be Gromozon. That's all they *claim* to do with their certificates. Whether you should trust the signed contents, knowing they *are* from Gromozon, is way out of scope for a certificate.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sunbelt: Gromozon Malware Digitally Signed by Thawte Paul Ferguson (Sep 12)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Larry Seltzer (Sep 12)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Alex Eckelberry (Sep 12)
- Re: Sunbelt: Gromozon Malware Digitally Signed by Thawte Valdis . Kletnieks (Sep 12)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Alex Eckelberry (Sep 12)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Alex Eckelberry (Sep 12)
- Re: Sunbelt: Gromozon Malware Digitally Signed by Thawte Valdis . Kletnieks (Sep 14)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Larry Seltzer (Sep 14)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Alex Eckelberry (Sep 12)
- RE: Sunbelt: Gromozon Malware Digitally Signed by Thawte Larry Seltzer (Sep 12)