zlacker

[return to "Leaked stolen Nvidia cert can sign Windows malware"]
1. pintxo+k8[view] [source] 2022-03-05 11:26:02
>>Zuider+(OP)
If a corp like Nvidia cannot manage to store Code signing certs on hardware only, the whole process is broken beyond repair. What’s the value of signed code going forward?
◧◩
2. imglor+Lr[view] [source] 2022-03-05 14:06:18
>>pintxo+k8
The benefit of signed code is it grants hardware vendors a perpetual control, gatekeeping, and rent seeking role. It was never your hardware.

The cover story was security, which might be mathematically correct but in practice has been shown false in every way. Look how much malware gets signed and shipped on devices and sold on app stores: the vendor gets their cut, /shrug. Look how many devices have been intentionally bricked to force new sales - yay them again. And then there's the certificate management illusion.

◧◩◪
3. aaaaaa+tB[view] [source] 2022-03-05 15:23:46
>>imglor+Lr
The /shrug continues until everyone here stops buying Lenovo hardware after they shipped a rootkit, etc
[go to top]