9 comments

[ 3.1 ms ] story [ 20.9 ms ] thread
I've authenticoded signed Windows executable files in the past and Java jar files. I don't currently.

In some cases, I believe that code signing is useful. For example, code signing can prevent non-signed malware from being executed. Granted, it could also be used to keep legitimate developers out or abused by large entities (like stuxnet), but abuse seems rare and mostly nation state oriented.

Also, I'm not aware of a case where a corporation used code signing to keep a legitimate developer/company out of a platform for non-malicious reasons.

Code signing's downfalls outweigh its perceived benefits. It's the same principle as certificate authorities, and all it means is that the signer gave a "seal of approval" for the software. When a malicious program manages to thwart the checks and it ends up being signed, people who use this program will end up distraught because they placed so much trust in a "safe" mechanism that turns out only to dish false reassurance. I don't know the requirements for code signing, but it could also very well place developers in Microsoft's hands just so they can showcase their code as "trusted". It ultimately deters people from using unsigned code under the false impression that unsigned (or self-signed) code is by default insecure compared to signed code.
(comment deleted)
I'm going to say that this is naive open source zealot bullshit.

Code signing is what is keeping the FBI out of the iPhone. It's how we will keep malicious trojans and other kinds of advanced persistent threats out of the ecosystem in the future.

If you think code signing is a bad idea, then you aren't thinking about the post Snowden security landscape.

Now, what most code signing systems fail on today is the ability to control which keys you trust. Ideally you should be able to manage trust delegation.

But, in the future, we will think of running unsigned code like we currently think of protocols like FTP, telnet and rsh - built for a simpler, more trusting era.

Indeed. Code signing is a perfectly valid technique, and useful, but device owners must be able to control the root of trust. It's when code signing is used to create a system of manufacturer, rather than device owner control that is the problem.

Authenticode seems okay so long as executability doesn't depend on it. But there's a risk Microsoft might interpret it as a vote for "require signing for EXE files" (because the more people use it, the less developers to complain if they require it). If this started to look likely one could always use GPG.

Though in practice this shouldn't be possible... there is a very, very long history of binaries which are no longer updated and never will be, so introducing such a restriction is essentially impossible. (Of course, there's no secure way of determining binary date, so grandfathering is impossible.)

> Also, I'm not aware of a case where a corporation used code signing to keep a legitimate developer/company out of a platform for non-malicious reasons.

See iOS and flux. GBA4iOS is in a similar boat, but they managed to get around it via a mechanism intended to allow enterprise side loading.

I jumped on the "get off Windows" bandwagon early after 4 months of Windows 7 by switching to Gentoo Linux and I have not looked back. At the time, I was upset with Microsoft for deciding to drop mainstream support for Windows Media Center 2005 Edition 4 months earlier than they promised by including it with the rest of Sindows XP.

Now I think that my computing experience is better. No more chkdsk on sudden power loss (ZFS is awesome), no more disk defragmentation, no more antivirus/antimalware scanners, no more hunting for updates, no more inordinate number of things starting at boot just because I installed them at some point and no more yearly reinstalls to purge cruft from the system's registry and filesystems. My experience is that my computer performance improves over time with an OSS OS installed, rather than degrading over time like it did with Windows. It is just so much nicer than what I experienced with Windows.

A lot of those I don't see as something that is Windows' problem. If your computer performance degrades over time to the point that you have to reinstall every year to purge cruft, maybe it's something to do with that habit you mentioned of installing things at some point?

Also, running on an SSD I don't have to do disk defragmentation anymore either.