Ver Mensaje Individual
  #7  
Antiguo 04-12-2017
Avatar de dec
dec dec is offline
Moderador
 
Registrado: dic 2004
Ubicación: Alcobendas, Madrid, España
Posts: 13.107
Reputación: 34
dec Tiene un aura espectaculardec Tiene un aura espectacular
Hola a todos,

Lo comento por aquí, porque, es reciente, y, porque, no es el primer artículo que leo del mismo cariz:

https://www.adlice.com/what-is-code-signing/

Cita:
Code Signing Policy changes in Windows 10 Anniversary Edition (1607) and the implication on Adlice Tools. With the release of Windows 10 version 1607, Microsoft now requires kernel-mode drivers to be signed using EV certificates.

As we saw above, EV certificates are more secure because they need higher levels of requirement to be obtained and because the probability to be stolen is virtually null since they are tied to hardware devices (HSM). However, their high cost is an impediment to independent developers and small companies. We, at Adlice Software, are in this case.

....

Conclusion

Code signing is an invaluable approach to better protect users from malicious contents, to authenticate the publisher of an executable and to protect a file from unwanted modifications.

For the time being, a digital signature in a file does not mean it’s safe. In the future, if EV certificates become cheaper and more straightforward to obtain, we can make the assumption it could become true.
Y la gente no se queja (nos quejamos) sólo del precio, sino, de los requisitos que piden para obtener el certificado de marras. Nótese que este chico en concreto está hablando de un certificado para firmar "drivers", pero, antes de que nadie vaya a comentar sobre esto, ocurre igual para certificados de firma de código "normales". Siguen siendo caros y difíciles de conseguir.

En fin, esto pinta muy mal, desafortunadamente.
__________________
David Esperalta
www.decsoftutils.com
Responder Con Cita