A Brand's Guide to Digital Shelf Analytics | Download the eBook Today!
Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

TechNewsWorld Talkback

 
ECT News Community   »   TechNewsWorld Talkback   »   Re: Apple Ransomware Reveals Cert Problem



Re: Apple Ransomware Reveals Cert Problem
Posted by: John P. Mello Jr. 2016-03-17 18:33:29
See Full Story

Researchers last week discovered the first ransomware in the wild aimed at Apple's hardware platform. While the threat was subdued quickly, it exposed the weakness of digital certificates in authenticating software to devices. The ransomware appeared as a legitimate application because it contained a digital certificate stolen from a bona fide Mac developer in Turkey. The certificate was used to sign an application of another developer and post a malicious update at the developer's website.


Re: Apple Ransomware Reveals Cert Problem
Posted by: jescott418 2016-03-18 07:28:21 In reply to: John P. Mello Jr.
I agree, certificates are useless and don't help if someone gains access to a legitimate one. I thought this when Apple touted how great developer certificates were. Especially when your issuing them to so many all over the world. It still takes time to pull those certificates and then issue new ones to the developer who may have legitimate apps. One has to figure Apple is not much better than Google in monitoring their app stores. In my view the only good way to prevent a lot of this is not stray away too far from reliable and trustworthy app developers.
Jump to:
When considering the credibility of an article I read online, I am most influenced by...
The organization or operator of the website that published the article
The journalist(s) who wrote the article
The sources quoted in the article
The quality or style of the writing
The individual(s) who brought the article to my attention
Whether the article has myriad shares or social media activity
My own knowledge or intuition