[Cryptography] Cryptographic signing of software is security theater

[Peter Gutmann]

Jerry Leichter <leichter at lrw.com> writes:

>Samsung of course says it "takes the security of Galaxy devices seriously.

Ah yes, "we take security seriously", the thoughts and prayers of computer
security.

It's pretty much an unwritten law of computer security that any time you see
or hear "we take security seriously" it's from someone who's just been
breached after not taking security very seriously.

Peter.