Shame about SHA-2: Symantec flunks basic programming

preview_player
Показать описание

FOLLOW US
  1. ZDNET
  2. Security
  3. Microsoft
  4. Chris Duckett
Рекомендации по теме
Shame about SHA-2: 0:03:26

Shame about SHA-2: Symantec flunks basic programming

Episode 311 - 0:04:21

Episode 311 - Tools, Tips and Tricks - VPNFilter Malware Detector By Symantec

Week 6 - 0:45:22

Week 6 - Host security, account management, cryptography and PKI

DEF CON 24 0:46:15

DEF CON 24 - Jay Beale and Larry Pesce - Phishing without Failure and Frustration

Комментарии
Автор

They (Symantec) probably need to fix their certificate authorities or their chain. Windows 7 will be EOL after this year and businesses need to make the appropriate steps to migrate to Windows 10. Windows 7 was a big target for brute force attacks unless you have full disk encryption with a TPM. Windows 7 also have a very limited or compatible use of UEFI and can only be used with the 64-bit version, so using a SHA-2 TLS certificate will not guarantee that a user is protected from a site that is not signed or a site that asks for PII (personal identifiable information; name, address, credit card). There were files on the Internet that were listed as false positives by Symantec, but are actually pretty harmful. Yeah, that's a big fail there.

MajinErick