This is important as it stops viruses from infecting your application and then giving the user a false sense of security because they trust you and the appearance of the certificate means you and only you created that application module. Once embedded in this way the certificate or any other part of the signed application file cannot be changed without breaking the certificate. The certificate is issued to the application vendor using a secure mechanism after which the application vendor (thats you) then uses one of a selection of special tools to sign their applications with the certificate. The certificate is issued by a Certificate Authority which is one of a handful of well-known, publicly-listed companies. Signtool With Cer File Exe Or PackageĬode signing uses a mechanism to embed a cryptographic-protected digital certificate into your applications exe or package. The spoofing got so good that it soon became very difficult to tell if the program you had downloaded was actually from the genuine vendor or from some nefarious bandit chomping Cheetos in a sweat-laden bedroom viper pit while heshe scooped up your banking details. More than once popular applications were copied and injected with viruses. The hackers and crackers started to spoof URLs of popular application vendors. But eventually the party music has to stop and we need to get our programs out into the sweaty hands of the unsuspecting general public.
0 kommentar(er)
