Microsoft has noticed Flame, the malware supposedly burning up the middle east and spreading like wildfire to the rest of the world, and has taken steps to stop it before becoming an uncontrollable conflagration. Redmond's chief concern, according to Mike Reavey, a senior director of the Microsoft Trustworthy Computing effort, …
So basically ...
... microsoft is closing the backdoor that the spooks used, now that it's out in the open. Loverly. During the meanwhile, all over the world, idiots with absolutely no knowledge of computer security are still using consumer-grade operating systems in places where they are contra-indicated ... even at the National "Security" level.
My mind boggles, and I weep. Back in the day, we knew what security was.
"Microsoft trustworthy computing"
Could this be the world's greatest oxymoron?
Re: "Microsoft trustworthy computing"
That rather depends on what you trust it to do...
Re: "Microsoft trustworthy computing"
Whatever MS may have wanted us to think, "trusted computing" was never really about end users and IT departments being able to trust that the systems they paid for were trustworthy, secure and reliable and generally fit for purpose..
"Trusted computing" was about "content providers" being able to trust that Windows and the kit associated with Windows could be trusted not to leak valuable digital copies of their valuable "content". Content providers had to trust that all the way from BluRay or DRM-infested stream via Windows (desktop, set top box, etc) to the HDCP-connected display, no leakage of protected digital content could occur.
Did it work?
They want their joke back.
Does this mean all I need is an unpatched version of the service and I can sign code to my heart's content? If that is the case, do they really think that the people who write malware and use this exploit are actually going to apply this patch rather than, say, ignore the update and exploit this hole some more?
Yes you can continue signing
But the signature will not be recognized by the computers that have been patched, ie your targets (well, hopefully).
So yes, Microsoft is actually closing the loophole, because the only computers the malware writers will be able to infect will be those that have not been patched.
At least I hope so.
Thanks Reg, this is a really hot tip. You guys are on fire lately.
Well played, Sir.
Warm praise indeed!
This is merely a test drive...
While we're made to think that MS is busy hunting malware and such this is really a ruse...
Because when Win8 ships Redmond is needs to be ready for a lot of new released malware which will trick users into running it in order to "re-install the start menu". As such; a field test was in order!
My Windows machine updated this morning.
Since then my CPU and GPU temps have gone down by five degrees.
It wasn't that lame after all.
Telling for people who thought Kaspersky showed off in a weird way, like bragging to unearth a virus which was undetected for years.
Microsoft didn't break MD5
It's called a "collision attack" and comes about because of vunerabilties in the long-troubled MD5 algorithm (see http://www.win.tue.nl/hashclash/rogue-ca/). Mostly the fault lies with certificate authorities who continue to use this weak algorithm.
SHA1 is starting to look vulnerable too now - are we going to find a way to blame that on Microsoft too?
Grow up everyone - it's time to realise that this is an industry problem, not a vendor problem...
Re: Microsoft didn't break MD5
...except that it seems someone at Ms forgot to follow their own advice from way back in 2008:
flame control panel
looks like the flame control panel is available on http://flamer.com - ID 62674 hee hee
- Analysis Oh no, Joe: WinPhone users already griping over 8.1 mega-update
- Leaked pics show EMBIGGENED iPhone 6 screen
- Opportunity selfie: Martian winds have given the spunky ol' rover a spring cleaning
- OK, we get the message, Microsoft: Windows Defender splats 1000s of WinXP, Server 2k3 PCs
- Episode 4 BOFH: Oh DO tell us what you think. *CLICK*