|
|
|
|
|
|
by josephcsible
1865 days ago
|
|
|
> prevents use of hobbyist or non-approved algorithms including some sketchy PRNGs It prevents use of good algorithms like ChaCha20/Poly1305, and it allowed the sketchiest PRNG of them all: Dual_EC_DRBG. > The executable signing also makes monkey-patching harder Monkey-patching means patching at runtime. This is just as easy to do after the signature has already been verified. > it will generally run behind and not get the latest algorithms until a few years have passed It also won't get fixes for vulnerabilities until a few years have passed. |
|
|