Reply To: Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates)

Forums VoodooShield Support Forum General VoodooShield Discussions Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates) Reply To: Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates)

    gorblimey
    Participant
    none
    Yeah, I’ve been rabbitting on about this for years.  And no I don’t allow “… matching digital signature in whitelist snapshot“.  I don’t even “Automatically allow … from Program Files“!

    The only encryption that means anything for me–apart from SvenFaw’s wonderful Cobbler–is the download hash.  Having said that, we note that CCleaner had a download hash…  Even the hash is not a good shield against malice, you are making an assumption the author has a secure repository and has not p….d off any dodgy employees.

    So as long as downloaded softs are not allowed access to the phone, we should be secure.  Learn how to use your firewall!

    And lock down %user/local/temp% for all users, even Admin.  Dan’s Rules make that easy, but you do lose Custom Folders in the deal.

    _________________________________

    Understanding the scope of the problem is the first step on the path to true panic. [Florence Ambrose, "Freefall"]
    1
    0