Hacker News
by tatersolid 2036 days ago
> I guess a super obvious question is, why do they do this instead of having a robust antivirus ecosystem?

Enumerating “all possible badness” is basically impossible, which is why AV software really doesn’t work. Every ransomware attack you read about in the news bypassed up-to-date AV software.

Enumerating “known-good” entities is actually a tractable problem... this is what vendor-signing does. Even Google and Microsoft understand this and have had code-signing infrastructure in place for decades.