Page 327 - StudyBook.pdf
P. 327

Communication Security: Web Based Services • Chapter 5  311


                   Problems with Code Signing
               Damage & Defense…  that have names similar to valid CAs, but are in no way affiliated with
                   The possibility exists that code you download might have a valid certifi-
                   cate or use self-signed code that is malicious. Such code might use CAs

                   that CA. For example, you may see code signed with the vendor name of
                   VerySign, and misread it as VeriSign, and thus allow it to be installed. It
                   is easy to quickly glance at a warning and allow a certificate, so
                   remember to read the certificate information carefully before allowing
                   installation of the code.







                    An additional drawback to code signing for applications distributed over the
                 Internet is that users must guess and choose whom they trust and whom they do
                 not.The browser displays a message informing them of who the creator is, a brief
                 message about the dangers of downloading any kind of data, and then leave it up to
                 the user whether to install it or not.The browser is unable to verify code.
                    As a whole, code signing is a secure and beneficial process, but as with anything
                 dealing with computers, there are vulnerabilities that may be exploited by hackers.
                 An example of this was seen in 2003, when a vulnerability was identified in
                 Authenticode verification that could result in a hacker installing malicious software
                 or executing code remotely.The vulnerability affected a wide number of Windows
                 OSes, including Windows NT,Windows 2000,Windows XP, and Windows 2003
                 Server. Under certain low memory conditions on the computer, a user could open
                 HTML e-mail or visit a Web site that downloads and installs an ActiveX control
                 without prompting the user for permission. Because a dialog box isn’t displayed, the
                 user isn’t asked whether they want to install the control, and has no way of veri-
                 fying its publisher or whether it’s been tampered with.As such, a malicious pro-
                 gram could be installed that allows a hacker to run code remotely with the same
                 privileges as the user who’s logged in.Although a security patch is available that
                 fixes this problem, it shows that Authenticode isn’t immune to vulnerabilities that
                 could be exploited.













                                                                              www.syngress.com
   322   323   324   325   326   327   328   329   330   331   332