Can anyone explain
Why signing "changes the binaries"?
It really sounds like some is reaching here.
Also, we have 25 million pieces of "malware that appear trusted because they are legitimately signed by valued code-signing certificates" (it appears that the adjective "valued" no longer has the meaning that it used to have). How does signature revocation happen? I hope someone knows.