How can digitally signed executable be "secure" ?

Posted by Polaris on May 24, 2006, 3:55 pm
Hi Experts:

I know the purpose of signing an executable (say, by VeriSign) is to make it
more secure. But can anyone explain why?

If I use my private key to sign an executable, I guess the content of the
executable is changed? Is it just the exe file header that changes? What if some
hacker examines the binary header and somehow can make an exe with the same name as
mine and with the same look in the file header (pretending to be digitally signed)?

Thanks in Advance!

Polaris



Posted by Doug Knox MS-MVP on May 24, 2006, 4:41 pm
http://www.answers.com/topic/digital-signature

-- 
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.

Posted by Harvey Colwell on May 24, 2006, 9:40 pm
A digitally signed executable is guaranteed not to have been tampered
with during transmission and that it does in fact come from the individual
that says they sent it (or was created by the individual that says he
created it). But in NO WAY does this mean that the executable is actually
safe. Digitally signed malicious code has been distributed.

Of course, as soon as the signer was identified, the Certificate Authority
for that individual revoked their digital certificate. But the malicious
code still got installed by many people.





Posted by Steven L Umbach on May 24, 2006, 10:30 pm
The name of the file could be the same but the content of the file would be
different and then the hash value would not match the original. I am not
sure exactly what is used to determine the hash but I understand enough is
used to make the technology very secure. I believe file size is used as one
element so if the file contains one more or less character that alone would
be enough to make the hash different. If you are using Windows XP Pro or
Windows 2003 you can use Software Restriction Policies to make hash rules so
you could try changing a file and see what happens to the computed
hash. --- Steve


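A small model of what the signature actually covers, illustrating both Harvey's point (a valid signature proves origin and integrity, and revocation cuts it off, but says nothing about safety) and Steve's point (any change to the content changes the hash). This is an added example in Go using an Ed25519 key, not code from the thread or from Authenticode itself; the sample "executable" bytes, the trailer layout and the revocation list are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// The signature is stored in the file (here as a trailer), but it is computed
// over the file's content. The file name is never an input, so a same-named
// file with a different body cannot reuse the publisher's signature.
const sigLen = ed25519.SignatureSize

// signImage appends a signature over SHA-256(content) to a copy of content.
func signImage(priv ed25519.PrivateKey, content []byte) []byte {
	digest := sha256.Sum256(content)
	return append(append([]byte{}, content...), ed25519.Sign(priv, digest[:])...)
}

// verifyImage checks the trailer against the trusted publisher key and a
// constructed revocation list (the CA action Harvey describes).
func verifyImage(pub ed25519.PublicKey, revoked map[string]bool, image []byte) bool {
	if len(image) < sigLen || revoked[string(pub)] {
		return false
	}
	content, sig := image[:len(image)-sigLen], image[len(image)-sigLen:]
	digest := sha256.Sum256(content)
	return ed25519.Verify(pub, digest[:], sig)
}

// runScenarios signs a constructed sample and reports what the verifier says
// in each case raised in the thread.
func runScenarios() map[string]bool {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	exe := []byte("MZ\x90\x00 constructed sample program bytes") // not a real PE
	signed := signImage(priv, exe)
	r := map[string]bool{}
	r["genuine"] = verifyImage(pub, nil, signed)
	tampered := append([]byte{}, signed...)
	tampered[10] ^= 0x01 // flip one bit of the content: hash no longer matches
	r["one_bit_changed"] = verifyImage(pub, nil, tampered)
	// Same file name, same trailer shape, but signed with the attacker's own key.
	forged := signImage(attackerPriv, []byte("MZ\x90\x00 attacker program bytes"))
	r["forged_trailer"] = verifyImage(pub, nil, forged)
	// After the publisher's certificate is revoked, even the genuine file fails.
	r["genuine_after_revocation"] = verifyImage(pub, map[string]bool{string(pub): true}, signed)
	return r
}

func main() {
	for name, ok := range runScenarios() {
		fmt.Printf("%-26s verified=%v\n", name, ok)
	}
}
```

Only "genuine" verifies; the renamed, tampered, forged and revoked cases all fail, and a passing check still says nothing about whether the code is harmless.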


