GlobalSign Egregiously Misuses App-Signing Process
GlobalSign told The Register today that they have revoked the certificate for a company publishing “rogue” (or fake) antivirus software – in fact, we’ve covered the software on this website on at least one occasion – it’s Antivirus XP we’re talking about, a piece of software that claims to be an antivirus but is nothing more than an extortion racket software tool, demanding money in exchange for nothing at all.
The sad truth is the confusion between identity and security is one that GlobalSign and other companies like it worked hard to create. Here’s an endearing quote from the GlobalSign website :
“Running Unsigned Code / Executables can be Dangerous!
End users are encouraged not to run unsigned code / executables therefore downloading / running unsigned applications will generate worrying Unknown Publisher security warnings. Unsigned software can be tampered with (such as the insertion of spyware, malware or harmful code and then redistributed). Once digitally signed using a Code Signing Certificate, customers can be sure of the identity of the software developer and that the software has not been altered since being published by the original vendor. The security warnings change from being worrying to alerting the user the publisher of the digitally signed software is known – adding an essential level of trust to the application installation process.”
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021