[cryptography] How are expired code-signing certs revoked?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Dec 10 08:02:15 EST 2011


Nico Williams <nico at cryptonector.com> writes:
>On Fri, Dec 9, 2011 at 4:41 PM, Jeffrey Walton <noloader at gmail.com> wrote:
>
>> Android also make the application a security principal for resource
>> sharing (its a smarter walled garden approach). Its an awesome
>> approach, especially when compared to Windows and *nix where sharing
>> is generally based upon a login context and enforced through DACLs.
>
>That's what I meant by "isolation" :)

... dancing bunnies ... confused deputy ...

(This is a serious problem on Android phones.  The permissions systems is much
nicer than NT/Unix - mostly because it'd be hard to come up with something
that's worse - but it's fatally vulnerable to the dancing bunnies and confused
deputy problems.  For example one recent analysis of Android phones from a
range of vendors found that, out-of-the-box, before any user apps were even
installed, all of them leaked critical capabilities, all the way up to
MASTER_CLEAR for the phone).

Peter.



More information about the cryptography mailing list