is the jailbreak app really a virus?
David Woodhouse
dwmw2 at infradead.org
Sun Mar 7 16:14:20 EST 2010
On Wed, 2010-03-03 at 00:51 -0500, Chaskiel Grundman wrote:
> On Tue, 2 Mar 2010, Alex Nemirovsky wrote:
>
> > Hi,
> >
> > This article claims that jailbreak is a virus.
It doesn't say that -- it just says that some anti-virus engines report
results which 'might cause some concern'.
The article seems fairly clueless to me, though. To quote:
"Ultimately this tool changes the game for server administrators
managing server certificates. You can no longer continue to
believe that your private keys are safely stored on the Windows
certificate store. Perhaps you already knew this and I’m late
to the game?"
He seems to be extremely "late to the game". What kind of idiot would
assume that a private key stored in software on the server is going to
be unretrievable? That's FUNDAMENTALLY IMPOSSIBLE without dedicated
hardware like a TPM, and that should be obvious to anyone with even the
most _basic_ understanding of computers.
And furthermore, why would anyone ever trust unreviewable, closed source
software with such a task -- even if it _wasn't_ an impossible task?
Some people are just too stupid for words.
> The virus scanners claim that jailbreak is malware. Not all malware are
> viruses.
>
> In this case, it is my uninformed suspicion that it is considered malware
> because it can be seen as a "hacker tool". The detections marked
> Jailbreak or Jeakail are almost certainly for this reason. I can't say
> what the other detections mean.
It's also possible that it uses some privilege escalation trick to read
the private keys, and that makes it look like a virus.
--
dwmw2
More information about the openconnect-devel
mailing list