On 02/08/2010 09:28 PM, Lucas Adamski:
In this case perhaps - in another case you perhaps will stay with the
damage and never hear from the "developer".
The point is even a well legitimate intentioned developer with a code
signing cert could ship malware by accident.
Right - and I believe that this isn't the problem code signing is
intended to solve. However it does protect from tempering as Steven
pointed out in the other list.
If you aren't trying to make a trust decision based upon the publisher
then code signing buys you very little. What it does create is a huge
burden on developers that requires them in many countries to be
incorporated or at least have a business license, and provide a stack
of paper documents to that effect.
Today you can get code signing certificates as individuals too.
Sometimes that's even better than some Ilse of Man limited liability
company hold by one guy and setup through online registration.
Yes, but is it feasible to review every add-on? Maybe it's not such a
burden - and what about modifications of existing add-ons? Are they
reviewed too?
It is a big burden, I wouldn't try to sugar coat it. However code
signing doesn't relieve that burden in any way IMHO, they solve
orthogonal problems.
You are right. But perhaps it might be of help to know that this
developer is the same one as last time and he signed his code. Knowing
that there is a real person (or organization) behind the code might be
of help too.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP: [email protected]
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
