Coming conundrum: Malware signed by a legitimate developer


illumination

Thread author
Cyber criminals are stealing code-signing certificates, allowing their malware to get by some defenses...
 

AyeAyeCaptain

Level 1
Feb 24, 2011
585
Valentin N said:
thewolfsmith72 said:
Cyber criminals are stealing code-signing certificates, allowing their malware to get by some defenses...

This might be a problem for comodo.

But if so, for how long? The only way around it now is having HIPS turned to paranoid, correct? In v6 we have full virtualization and the local BB coming, so surely when the BB thinks something is wrong, it throws it to the sandbox? There should be a way for it to work, if you know what I mean, so all signed stuff is just not allowed to run its course fully?

Discuss... :p

Thanks for the link by the way, been meaning to get into a talk/debate about this.
 

Hungry Man

New Member
Jul 21, 2011
669
There are quite a few problems with certs, the two largest being:
1) That you are putting trust into CAs, which essentially sell that trust to whoever's willing to pay (it is dead easy to get a cert from certain CAs).

2) CAs aren't protecting their certs, which means hackers can... hack them.

The issue is... why do we trust CAs? Who's auditing them? Who's saying the CAs are legit?

Furthermore, certs have only ever been used as pure whitelisting. Is it certified? Grant it full access. They should be used as indicators and not 100% trusted identifiers.
 

Littlebits

Retired Staff
May 3, 2011
3,893
Valentin N said:
thewolfsmith72 said:
Cyber criminals are stealing code-signing certificates, allowing their malware to get by some defenses...

This might be a problem for comodo.

This could develop into a problem that affects all security products that use whitelisting, and also the digital signature checker in the Windows OS when you run an executable file.

I don't think this issue is widespread, but it could be the next major vulnerability affecting security products that rely on whitelists as the primary source of detection. (This includes a lot of AVs and firewalls.)

Thanks.:D
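Hungry Man's point that a certificate should be an indicator rather than a whitelist entry, and Littlebits's concern about products that use whitelisting as their primary detection, come down to the same design decision: what a product does with the result of a signature check. The following is an added example, not code from this thread, from Comodo, or from Microsoft. It is a small Python execution policy over constructed data: the thumbprints, dates, and the PINNED_PUBLISHERS and REVOKED tables are assumptions, and the SignatureInfo fields stand in for what a real verifier (PowerShell's Get-AuthenticodeSignature or the WinVerifyTrust API) would report. It pins trust to the publisher's end-entity certificate thumbprint rather than to "any chain to a public CA", and it handles the stolen-certificate case by comparing the timestamp countersignature against the revocation's effective date.

```python
"""Execution policy that treats a code signature as one indicator among
several rather than as a whitelist entry.  Added example with constructed
data; it is not code from MalwareTips, Comodo, or Microsoft.  The
SignatureInfo fields would be filled from a real verifier such as
PowerShell's Get-AuthenticodeSignature or the WinVerifyTrust API."""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional

ALLOW, SANDBOX, BLOCK = "allow", "sandbox", "block"


@dataclass(frozen=True)
class SignatureInfo:
    # One of: "valid", "not_signed", "hash_mismatch", "untrusted_chain"
    status: str
    # SHA-1 thumbprint (hex) of the end-entity signing cert, None if unsigned
    signer_thumbprint: Optional[str]
    # Time from the timestamp-authority countersignature, None if not timestamped
    signing_time: Optional[datetime]


# Constructed: publishers this host explicitly trusts, pinned by end-entity
# thumbprint.  A valid chain to a public CA is deliberately NOT enough.
PINNED_PUBLISHERS: Dict[str, str] = {
    "0123456789abcdef0123456789abcdef01234567": "Example Vendor (constructed)",
}

# Constructed: stolen certs, with the date the revocation is effective from.
REVOKED: Dict[str, datetime] = {
    "fedcba9876543210fedcba9876543210fedcba98": datetime(2011, 3, 1, tzinfo=timezone.utc),
}

# Constructed sample countersignature times around the revocation date above.
BEFORE_REVOCATION = datetime(2011, 2, 15, tzinfo=timezone.utc)
AFTER_REVOCATION = datetime(2011, 3, 10, tzinfo=timezone.utc)


def decide(sig: SignatureInfo,
           pinned: Dict[str, str] = PINNED_PUBLISHERS,
           revoked: Dict[str, datetime] = REVOKED) -> str:
    """Map a signature check result to allow / sandbox / block."""
    if sig.status in ("hash_mismatch", "untrusted_chain"):
        return BLOCK            # tampered file, or a chain that does not verify
    if sig.status == "not_signed":
        return SANDBOX          # no identity claim at all: run it contained
    if sig.status != "valid":
        return BLOCK            # unexpected verifier status: fail closed

    tp = sig.signer_thumbprint
    if tp in revoked:
        # Mirrors how a timestamped Authenticode signature is judged against a
        # revocation that carries an effective date: only a countersignature
        # earlier than that date still verifies.  Even then, the signer is
        # known compromised, so treat the file as suspicious, not trusted.
        if sig.signing_time is None or sig.signing_time >= revoked[tp]:
            return BLOCK
        return SANDBOX
    if tp in pinned:
        return ALLOW            # valid signature AND a publisher we chose to trust
    return SANDBOX              # valid signature from an unknown publisher: indicator only


def evaluate_samples() -> Dict[str, str]:
    """Run the policy over constructed cases covering each branch."""
    pinned_tp = next(iter(PINNED_PUBLISHERS))
    stolen_tp = next(iter(REVOKED))
    cases = {
        "unsigned":           SignatureInfo("not_signed", None, None),
        "tampered":           SignatureInfo("hash_mismatch", pinned_tp, BEFORE_REVOCATION),
        "pinned_publisher":   SignatureInfo("valid", pinned_tp, BEFORE_REVOCATION),
        "unknown_publisher":  SignatureInfo("valid", "0" * 40, BEFORE_REVOCATION),
        "stolen_cert_after":  SignatureInfo("valid", stolen_tp, AFTER_REVOCATION),
        "stolen_cert_before": SignatureInfo("valid", stolen_tp, BEFORE_REVOCATION),
        "stolen_cert_no_tsa": SignatureInfo("valid", stolen_tp, None),
    }
    return {name: decide(sig) for name, sig in cases.items()}


if __name__ == "__main__":
    for name, verdict in evaluate_samples().items():
        print(f"{name:20s} -> {verdict}")
```

The two choices that matter are that "valid signature" on its own never yields allow (an unknown but validly signed publisher lands in the sandbox, which is the "indicator, not identifier" stance), and that a stolen certificate is judged by the signing time, so a file with no timestamp countersignature or one timestamped after the revocation date is blocked outright rather than passed on the strength of a chain that still verifies.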
 