On Wed, 2010-03-03 at 00:51 -0500, Chaskiel Grundman wrote: > On Tue, 2 Mar 2010, Alex Nemirovsky wrote: > > > Hi, > > > > This article claims that jailbreak is a virus. It doesn't say that -- it just says that some anti-virus engines report results which 'might cause some concern'. The article seems fairly clueless to me, though. To quote: "Ultimately this tool changes the game for server administrators managing server certificates. You can no longer continue to believe that your private keys are safely stored on the Windows certificate store. Perhaps you already knew this and I?m late to the game?" He seems to be extremely "late to the game". What kind of idiot would assume that a private key stored in software on the server is going to be unretrievable? That's FUNDAMENTALLY IMPOSSIBLE without dedicated hardware like a TPM, and that should be obvious to anyone with even the most _basic_ understanding of computers. And furthermore, why would anyone ever trust unreviewable, closed source software with such a task -- even if it _wasn't_ an impossible task? Some people are just too stupid for words. > The virus scanners claim that jailbreak is malware. Not all malware are > viruses. > > In this case, it is my uninformed suspicion that it is considered malware > because it can be seen as a "hacker tool". The detections marked > Jailbreak or Jeakail are almost certainly for this reason. I can't say > what the other detections mean. It's also possible that it uses some privilege escalation trick to read the private keys, and that makes it look like a virus. -- dwmw2
