« previous next »
Pages: [1]   Go Down

Author Topic: When a Signed Java JAR file is not Proof of Trust  (Read 28308 times)

0 Members and 1 Guest are viewing this topic.

March 05, 2013, 07:07:27 pm
Read 28308 times

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
When a Signed Java JAR file is not Proof of Trust
http://eromang.zataz.com/2013/03/05/when-a-signed-java-jar-file-is-not-proof-of-trust/


Quote
Today, Malware Domain List, reported strange behaviours regarding a Java app executed with the latest version of Java 6.


Logged
Ruining the bad guy's day
March 05, 2013, 09:55:21 pm
Reply #1

dlipman

  • Special Access
  • Full Member
  • Offline
  • *
  • 61
Re: When a Signed Java JAR file is not Proof of Trust
I didn't know GoDaddy was a CA.
Logged
March 06, 2013, 09:19:45 am
Reply #2

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: When a Signed Java JAR file is not Proof of Trust
Quote from: dlipman on March 05, 2013, 09:55:21 pm
I didn't know GoDaddy was a CA.

Me too.
Logged
Ruining the bad guy's day
March 06, 2013, 02:25:25 pm
Reply #3

dlipman

  • Special Access
  • Full Member
  • Offline
  • *
  • 61
Re: When a Signed Java JAR file is not Proof of Trust
I guess they do.

http://www.godaddy.com/ssl/code-signing-certificate.aspx

I hope its not like Comodo.  I remember a time when we had to have Kishor revoke Comodo certificates used with malware.
Logged
Pages: [1]   Go Up
« previous next »