[cryptography] Digitally-signed malware

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Jun 22 11:24:16 EDT 2011


Marsh Ray <marsh at extendedsubset.com> writes:

>It's usually more useful as a means for an platform vendor to enforce its
>policies on legitimate developers than as something which delivers increased
>security to actual systems.

Symbian being a prime example.  With Android it's easier, you just publish the
private key and then all these hassles go away.

Peter.



More information about the cryptography mailing list