[cryptography] How are expired code-signing certs revoked?
pgut001 at cs.auckland.ac.nz
Wed Dec 7 22:28:36 EST 2011
Marshall Clow <mclow.lists at gmail.com> writes:

>This is only true if signing the malware is an expensive (in some terms)
>proposition. It's certainly not expensive in terms of computing power.

The rate-limiting factor is how many certs you can steal, and how quickly. The
technology side doesn't even come into it. So this is a valid measure, and
will continue to be so, because you can't speed up the cert-stealing process.

It's the same with monetary fraud: the rate-limiting step there is how fast
you can cash out the accounts. Sure, your botnet has collected 50M accounts
and associated authorisation information, but how fast can you cash them out?

Velocity limiting via computationally intractable means is one security
measure that is universally effective and hard to bypass.