|
|
|
|
|
|
by WalterGR
4023 days ago
|
|
|
The relevance of the article's mention of the "Flame" malware was puzzling, since no context is provided and the linked Wired article doesn't shed any light. Wikipedia has this to say, which seems to solve that puzzle: "Flame was signed with a fraudulent certificate purportedly from the Microsoft Enforced Licensing Intermediate PCA certificate authority. The malware authors identified a Microsoft Terminal Server Licensing Service certificate that inadvertently was enabled for code signing and that still used the weak MD5 hashing algorithm, then produced a counterfeit copy of the certificate that they used to sign some components of the malware to make them appear to have originated from Microsoft. A successful collision attack against a certificate was previously demonstrated in 2008, but Flame implemented a new variation of the chosen-prefix collision attack." http://en.m.wikipedia.org/wiki/Flame_%28malware%29 |
|
|
Here's the 'real' link: http://en.wikipedia.org/wiki/Flame_%28malware%29