der Mouse wrote: > > Signed applications and signed DLLs and signed drivers [...] coming > > to a Unix near you SOONER rather than later. > > > Or is that the kind of thing you disable upon installation because it > > gets in the way of you being able to install whatever "you" want ? > > Depends. Does it include the tools necessary to sign my own code? > > If not, yes, I will disable it, to the point of running a different OS > if necessary. > > If so, what's to stop a malware creator from using those same tools to > sign the attack vector? You don't have to store the signing key on every host which needs to run the signed binaries. -- Glynn Clements <glynn.clements@virgin.net>
