[cryptography] How are expired code-signing certs revoked?

Marshall Clow mclow.lists at gmail.com
Wed Dec 7 17:32:57 EST 2011


On Dec 7, 2011, at 1:56 PM, Peter Gutmann wrote:

> Steven Bellovin <smb at cs.columbia.edu> writes:
> 
>> Assume that there is some benefit to digitally-signed code.
> 
> There is at least one very obvious benefit: When malware is signed, it can't
> mutate on each generation any more but has to remain static.  This makes it
> easier for the anti-malware folks to detect.

This is only true if signing the malware is an expensive (in some terms) proposition.
It's certainly not expensive in terms of computing power.

-- Marshall

Marshall Clow     Idio Software   <mailto:mclow.lists at gmail.com>

A.D. 1517: Martin Luther nails his 95 Theses to the church door and is promptly moderated down to (-1, Flamebait).
        -- Yu Suzuki




More information about the cryptography mailing list