-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MD5 attack on Microsoft's Authenticode
,----[ Quote ]
| A security expert has managed to transfer the digital signature of one
| Windows program to another, without invalidating the signature. Didier
| Stevens, who presented the attack in his blog, exploited the fact that
| Microsoft's Authenticode code signing standard accepts the vulnerable MD5
| hash algorithm. Stevens used this to generate two programs which have
| identical code signatures, but behave differently.
`----
http://www.heise.de/english/newsticker/news/122260
"Our products just aren't engineered for security."
--Brian Valentine, Microsoft executive
Related:
Bots rule in cyberspace
,----[ Quote ]
| USA TODAY REPORTS that on an average day, 40 per cent of the 800 million
| computers connected to the Internet are bots used to send out spam, viruses
| and to mine for sensitive personal data.
`----
http://www.theinquirer.net/gb/inquirer/news/2008/03/17/bots-rule-cyberspace
http://www.usatoday.com/tech/news/computersecurity/2008-03-16-computer-botnets_N.htm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkl6loIACgkQU4xAY3RXLo6WcwCgkqYlKyyozfBEP1mEZ+QrxrZ0
9kAAn2V8g2gMQBLJGnAxxuDuVXnK1wsS
=gPP7
-----END PGP SIGNATURE-----
|
|
