In comp.os.linux.advocacy, D. C. Sessions
wrote
on Thu, 21 Nov 2002 20:11:56 -0700
>> "Another Critical Microsoft Hole".
>> Yeah, I know, the second one is almost a daily
>> feature, but this one claims MS is saying you
>> can't trust ActiveX controls signed by MS.
> I wonder if any MS Spokesheads will ever again be able
> to defend "code signing" as a security mechanism?
Oh, it's a security mechanism all right -- about the
equivalent of putting a cheap bike lock around the steering
wheel of one's car. (Even the ignition switch doesn't
give good thieves too much work -- one pop, fiddle around,
and they're gone. At least, such is my understanding.
Fortunately, the steering wheel interlock gives the more
amateurish variants some pause.)
And the best private/public system in the world won't
do one much good if one writes the private key in
a world-readable file. :-)
And then there's the signing authority. I'm assuming
official Microsoft certificates would be signed by
"Microsoft, Inc.". But there are an awful lot of
variants:
"Microsoft, Inc."
"Microsoft Inc"
"Microsoft Ltd" (for those in Britain that may be duped :-) )
"Microsoft"
"Micro Soft"
"Micr0S0ft"
"Micr?s?ft" (Germans?)
"Micrsft" (Poland? Mordor? :-) )
"Micr?s?ft" (Sweden?)
"Mircosoft" (for those on the planet Ypto?)
etc. I certainly hope that people read that dialog box carefully! :-)
And that's assuming the signing authority doesn't make a
clerical error and issue a second certificate for "Microsoft, Inc.".
(I'd have to look at the other fields in a standard certificate;
there are a few. This is only one of them, and the one that's
usually shown on that requester asking one to trust the ActiveX
applet just prior to its download.)
--
It's still legal to go .sigless.
by