On Fri, 5 May 2006, Damien Miller wrote:

> On Thu, 4 May 2006, Eric Ziegast wrote:
>
> > An 3l33t hacker might figure out that all he/she had to do was
> > modify the magic number to get their program to run, but most people
> > (including script kiddies) wouldn't figure it out, give up, and move
> > on to softer targets.
>
> Typical security-through-obscurity junk. If a hacker cared, then they
> would figure it out pretty quickly and it is the ones who care that you
> have to worry about.
>
> In its stronger form of "cryptographically signed binaries", this idea
> isn't so effective either: all an attacker has to do is find *one* code
> execution vulnerability *anywhere* on your system and they are back
> to running arbitrary programs. Search phrack et al. for "userspace
> exec" shellcodes to see that exploiting this is still pretty close to
> script-kiddie levels of difficulty.

Yeah, I agree, but a lot of people do not see that. There are these
links in many people's heads that say:

    signed executable can be trusted
    trusted executables are safe

And drawing wrong conclusions from that. Effectively they are saying:

    signing an executable will make the exploitable bugs go away

Now that's magic!

    -Otto