Win 11 system requirements and compatibility talk

Started 5 months ago | Discussions thread
OP Billiam29 Senior Member • Posts: 2,132
Re: Will security requirements help with ransomware protection?

Sean Nelson wrote:

abelits wrote:

Billiam29 wrote:

The only means I could ever see being possible for OS protection against ransomware would be to restrict file system access only to code-signed executables.

It won't work. If all executables (really executables and libraries) are signed, then vulnerable executables that are present on the system must be signed, too. So whenever any vulnerability is exploited, file access is open.

Ah, but now you know exactly where that executable came from and whether or not to trust it. That would be a huge step.

The most basic of things would be that hopefully (big fat wish here) CAs that the OS would recognize would simply not be issuing code signing certificates to organizations that create ransomware. The usual trust problems of stolen certificates, sneakily installed CA certs, and so forth would still be present of course. Those are at least on par with what’s already known and actionable though.

Unfortunately it might rule out a lot of useful software from nonprofessional sources.

Right, I checked a handful of apps from independent developers that I have  and the results were a coin toss. For example, a seemingly “small” mp3 tagging utility was code signed. Faststone Image Viewer was not.

Post (hide subjects) Posted by
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
MOD Austinian
Keyboard shortcuts:
FForum PPrevious NNext WNext unread UUpvote SSubscribe RReply QQuote BBookmark MMy threads
Color scheme? Blue / Yellow