[cryptography] DigiNotar SSL Hack Diagram | Cyber Chatter

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Sep 20 17:48:31 EDT 2011


Marsh Ray <marsh at extendedsubset.com> writes:

>Those are the Cyanogen guys. Android modders. 

The same people who used a "publicly available private key" to sign their
code.  Which, being publicly available to anyone, was promptly used by malware
authors to sign *their* code.

Reading through some of the Cyanogen threads, I get the impression they see
security as a nuisance to be bypassed rather than a real requirement.

Peter.



More information about the cryptography mailing list