Hacker News new | ask | show | jobs
by zepto 2050 days ago
I’d say this is only one half.

Many malicious effects involve social engineering, fraud, etc, and are not about exfiltration of files.
1 comments
api 2050 days ago
In that case code signing can’t do much either.
link
zepto 2050 days ago
On the contrary code signing is the only current solution to this problem.

It allows fraudulent, malicious, or easily exploited code to be disabled.

link
api 2050 days ago
How can revoking apps stop a phishing attack?
link
zepto 2050 days ago
Easy: Revoke the certificate of the app doing the phishing.
link
judge2020 2050 days ago
To add, this is exactly what google's safe browsing is https://safebrowsing.google.com/
link