OSEC

From: Razvan Peteanu (razvan-peteanuhome.com)
Date: Wed Oct 24 2001 - 12:28:29 CDT


    This raises the issues of _why_ one trusts a vendor and whether the trust is
    transitive. When a user accepts signed code, he basically assumes that code
    will not perform malicious actions and cannot be used to facilitate such
    actions. The accountability is on the signer's side, not on the developer's. If
    a user trusts the signer, then it does not matter whether the code has been
    written by someone in the same company or by other parties. In the real
    world, when a contract is signed, it does not matter who typed and
    printed it, but who signs it.

    If signing the software is treated responsibly, then it is not possible for
    code written by "Jow Hacker" to be signed by Macromedia.

    ----- Original Message -----
    From: "Mark Curphey" <markcurphey.com>
    [...]
    > nasty programming with it. However I went to a site and got directed to the
    > flash enabled site. I had granted code signed by Macromedia to run and seems
    > they now have Flash as a plug-in. Not the only case. Go to the Microsoft
    > Security site and you will see the Microsoft Personal Security Advisor.
    > http://www.microsoft.com/technet/mpsa/start.asp It's clearly written by
    > Shavlik technologies all over the page. Who are they? I have no idea and I
    > don't trust them! I do trust MS as I run Win2k on my laptop (prompting to
    > install new binaries when they replace the kernel with an SP would be
    > foolish so I thought). I was shocked to see the Shavlik control ran with no
    > prompts. On investigation MS have signed their code! For the technicians
    > there is absolutely nothing wrong with this whatsoever. It all works as
    > described and conforms to the model. But kinda tricked me into running
    > someone else's technology that I didn't trust.
    >
    > So back to the plug-ins....If the flash plug-in / active-x runs signed,
    > there is no way under that security model to check the validity of the code
    > it's running? I.e. plug-in signed by Macromedia and the swf file runs
    > written by Jow Hacker!