General News

Sandboxing the Adobe Reader

Will this change really make Adobe Reader more reliable ? In order to be more reliable, they have to make everything more reliable. And Adobe doesn’t know how to do this. Here is the saga: Introduction: http://blogs.adobe.com/asset/2010/07/introducing-adobe-reader-protected-mode.html Part 1: http://blogs.adobe.com/asset/2010/10/inside-adobe-reader-protected-mode-part-1-design.html Part 2: http://blogs.adobe.com/asset/2010/10/inside-adobe-reader-protected-mode-%e2%80%93-part-2-%e2%80%93-the-sandbox-process.html Update: We published an article in the Techblog about this : http://techblog.avira.com/2010/11/05/the-adobe-reader-sandbox/en/

General

Viruses and Digital Signatures

Very interesting stuff: http://www.symantec.com/connect/blogs/viruses-and-digital-signatures Although the files are signed, they are signed using an unauthenticated CA (Certificate Authority) which is masquerading as Verisign. A CA is a trusted third party that issues and signs the certificate and vouches for the authenticity of the file. Each CA should be registered and therefore recognized globally as a […]