[cryptography] DigiNotar SSL Hack Diagram | Cyber Chatter
pgut001 at cs.auckland.ac.nz
Tue Sep 20 17:48:31 EDT 2011
Marsh Ray <marsh at extendedsubset.com> writes:
>Those are the Cyanogen guys. Android modders.
The same people who used a "publicly available private key" to sign their
code. Which, being publicly available to anyone, was promptly used by malware
authors to sign *their* code.
Reading through some of the Cyanogen threads, I get the impression they see
security as a nuisance to be bypassed rather than a real requirement.
More information about the cryptography