Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If something like this catches on, attackers will simply start checking the digital signature of the processes, to ensure they are genuine.


McAfee/Norton/etc. could license signed "scarecrow" versions of their products for use with something like this so that it's impossible for the malware to distinguish a scarecrow version of MacAfee from the real thing (and they would get a cut/kickback).

I would pay a small amount for a scarecrow version of AV software if a) it had zero footprint on my system resources, and b) it really did scare away malware that checks for such things.

Either way, though, it makes malware more onerous to develop since it has to bundle in public keys in order to verify running processes are correctly signed.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: