Slashdot Mirror


How VeriSign Could Stop Drive-By Downloads

emcron writes "Ben Edelman has been doing great forensic work looking at spyware, adware, and malware. His latest piece, How VeriSign Could Stop Drive-By Downloads, turns the harsh light of public scrutiny on VeriSign's grubby practices in issuing digital certificates to vendors who try to install spyware by tricking users into clicking 'yes' with low-down dirty lying dialog boxes. Now, Ben wants VeriSign to clean up its act: it should refuse to issue certificates to companies that use obviously fake names (such as "CLICK YES TO CONTINUE") or that use those certificates to deceive consumers."

4 of 229 comments (clear)

  1. certificates to deceive consumers by Anonymous Coward · · Score: -1, Troll

    What about the "embedded crypto keys", "NSAKEY, CIAKEY, and FBIKEY, which exists in the most widely used and abused operating system from you know where!?

    1. Re:certificates to deceive consumers by Anonymous Coward · · Score: -1, Troll
      What about the "embedded crypto keys", "NSAKEY, CIAKEY, and FBIKEY, which exists in the most widely used and abused operating system from you know where!?
      Blah. I could've modded you troll, but I decided to just do this.

      (As for "FBIKEY" and "CIAKEY"... wtf are you talking about?)
  2. Re:Here's solution: by Anonymous Coward · · Score: 0, Troll

    yeah, right

  3. Re:Verisign is not at fault. by Anonymous Coward · · Score: -1, Troll

    Either way it is my fault for giving her a PC which doesn't do all these things

    But the PC still works. Isn't precisely what you want? The sister-in-law can not do some things because she *must not do it*, not only because the system does not let her do it. Your are an ok home-sysadmin: got the ystem stable and do what we need it for. We don't need spywares, idiot games. Exactly what happens. Congratulations.