Internet users constantly run into situations where they need to download software from websites. In many cases, the user was not planning to download software. However, to experience or use the functionality offered by the website, they need to make a spot decision: “Run” or “Don’t Run.”
In this case, “run/don’t run” questions whether or not to run the code that was downloaded. How does a user decide? How does a user or browser know whether or not to trust the software? The answer is code signing.
To assist in the trust decision process, the software publisher can digitally sign their code. The digital signature answers the questions of authentication and integrity, that is:
- Who signed the code?
- Has the code been tampered with since it was signed?
Armed with this information, the user can now make the “run/don’t run” decision.
Unfortunately, the digital signature does not answer the following questions:
- Can I trust the software publisher?
- Does the code contain malware?
Unsigned code, on the other hand, provides no evidence of authenticity or integrity. The publisher is not identified and, therefore, cannot be held accountable. In addition, the code is subject to tampering. Unsigned code cannot be trusted, except under special circumstances.
What is Code Signing will be covered in the next post of this series.