Comment 2T82 No breach?

Story

HP accidentally signed malware, will revoke certificate

Preview

No breach? (Score: 1)

by powysbiker@pipedot.org on 2014-10-13 13:30 (#2T82)

Whether their CA has been breached or not is irrelevant, they clearly did not have procedures in place to protect the integrity of the signature. If a PC is used by someone responsible for signing code surely there should be procedures in place to make sure that that PC is not subverted?

Junk Status

Not marked as junk