Having a monoculture of M$’s OS on PCs is deadly. M$’s update process was used to ship malware. To do that, a fake signature was developed one way or another. Since we now know that USA/Israel cooperated in this, there are some feasible paths:
- M$ gave a signature to their “partners” in US government for the purpose,
- M$ was tricked into doing so,
- USA cracked M$’s keys…, or
- USA bought keys from malware artists.
I have no idea which of these happened, but it is clear that if you want secure IT, you must eliminate the monoculture. It is clear that if there were some compromised keys, there could be more, a lot more out of thousands of millions of signatures. Is it enough that M$ revokes a few signatures? I doubt it. The world will demand diversified IT ASAP. This is good news for FLOSS. I would bet Iran is pulling out all the stops to eliminate that other OS today. How many others will pick up the pace of migration as a result of this? How many others will set up super-computers to crack codes so they can use this trick?
“Having a Microsoft code signing certificate is the Holy Grail of malware writers”