Any IT techs shed light on how your organizations are handling the detrusting of Symantec? Or, are you just hoping the normal update process takes care of it?
-
-
Re: Symantec De-trust
?? -
Re: Symantec De-trust
Not much impact for us, we ditched all Symantec products years ago and have never used them for our own certs, as for outside websites using Symantec certs our internet is so locked down so much there likely won't be much affect there either (most employees don't even have internet access and those that do can only get to a limited number of "whitelisted" sites).Comment
-
Re: Symantec De-trust
I have a few apps that are signed with Symantec in the certification chain. I'm hesitant to update the local certificate store for fear of bringing that "distrust" into the machine "forever".
While I know the app is genuine (i.e., I don't need to verify the signature to assure myself of its authenticity) *it* wants to check itself during the installation. Because the chain is broken, the installer refuses to start...
I suppose I could install the certificate, run the installer, let it verify its own integrity... and then back the certificate OUT -- leaving a note to myself to remember to do this, again, if I ever need to reinstall the app!
(sigh) What a PITA (though, presumably, it is doing EXACTLY what it was intended to do! -- makes you wonder what those folks did to incur this sort of sanction!)Comment
-
Re: Symantec De-trust
First I've heard of this.....but I've been doing yard work the last week... What happened?<--- Badcaps.net Founder
Badcaps.net Services:
Motherboard Repair Services
----------------------------------------------
Badcaps.net Forum Members Folding Team
http://folding.stanford.edu/
Team : 49813
Join in!!
Team StatsComment
-
Re: Symantec De-trust
Following... yes, what happened?Don't buy those $10 PSU "specials". They fail, and they have taken whole computers with them.
My computer doubles as a space heater.
Permanently Retired Systems:
RIP Advantech UNO-3072LA (2008-2021) - Decommissioned and taken out of service permanently due to lack of software support for it. Not very likely to ever be recommissioned again.
Asus Q550LF (Old main laptop, 2014-2022) - Decommissioned and stripped due to a myriad of problems, the main battery bloating being the final nail in the coffin.
Kooky and Kool Systems
- 1996 Power Macintosh 7200/120 + PC Compatibility Card - Under Restoration
- 1993 Gateway 2000 80486DX/50 - Fully Operational/WIP
- 2004 Athlon 64 Retro Gaming System - Indefinitely Parked
- Main Workstation - Fully operational!
sigpicComment
-
Re: Symantec De-trust
Several browsers (notably recent versions of Chrome and Firefox) are no longer trusting Symantec certs, (It isn't really new but not highly publicized either):
https://www.trustzone.com/are-you-re...ntec-distrust/
https://scotthelme.co.uk/are-you-rea...ntec-distrust/
https://security.googleblog.com/2018...immediate.html
https://blog.mozilla.org/security/20...-certificates/Comment
-
Re: Symantec De-trust
that wouldnt be a problem if you could over-ride it, but i dont think you can - it creates a great censorship mechanism for browser companys!Comment
-
Re: Symantec De-trust
The whole point of authentication mechanisms is to vouch for an entities identity. If you allow distrust into the mix, then it collapses. This puts pressure on folks to avoid "untrustworthy" CAs.
The fact that it isn't a decision taken by just ONE party makes it "fair".Comment
-
Re: Symantec De-trust
on the other hand,
once you have browsers enforcing "HTTPS only" and a few frankly questionable organisations issuing the certs,
you have a fucked situation where you cant host your own site unless they rubber-stamp it with their aproval.
how very fucking communist!
what a great way to make political websites vanish!Comment
-
Re: Symantec De-trust
The certificates apply to ALL authentication. An OS that refuses to run unsigned binaries would effectively prevent "foreign" applications from being hosted on those platforms (can you spell iPhone?)
The "great equalizer" is that CAs that even try to go that route could just as easily be de-trusted. Then, all of the apps/sites that they were hoping to endorse would simultaneously feel the same kiss of death they may have been "trying" to impose on others.
Ooops!Comment
-
Mounting and Handling Guidelines for TO220 TO220F TO247 Cases / Packages
The TO220, TO220F and TO247 are the popular packages for power devices because of their versatility and ability to dissipate moderate amounts of heat. This application note describes the basic guidelines for handling power MOSFETs in TO220, TO220 and TO247 packages shown in Figure 1. Please note that only mechanical and soldering guidelines are covered here. Additional precautions are required for isolating high voltage rated devices to meet safety regulations.
Securing a good thermal interface between...10-07-2024, 04:35 AM -
I find myself with my personal laptop, NVME -> USB-C adapter to test/retrieve data on SSDs connected to my laptop
USB DVDRW
odd collection of bootable disks for diagnostics (I know some of you have been raving about a collection of these all-in-one tool DVD/CD's, never looked into those)
USB ethernet adapter (unfortunately requires drivers)
USB Sata adapter
2TB HDD for backing data up
Multi-bit screwdriver
Laptop toolkit with extensive bits, pry tools, etc, etc
USB mouse... -
Hello,
I'm currently at the situation where I would like to purchase a General Liability Insurance that covers my In-Home Tv Repair Services ( I travel to customer house)
Do you all know about any reliable Insurance Company that could cover me from damaging a 70" screen to breaking a expensive decoration in customer living room or scratching walls, etc.
I have avoided the insurance protection for years but now I have decided to purchase it and don't know where to go or what is a good or a reasonable price to pay.
I contacted 5 months ago... -
⚠️ Not a Rescue BIOS. Flash at Your Own Risk. ⚠️
This is not A17.
This is not listed on Dell's support site.
This is an unreleased internal firmware revision recovered from a university loaner Latitude E6530... and it possibly bricked the system it came from.
It is from the 8 MB Winbond W25Q64 chip. Could be nothing burger but given the anomalies this is a very interesting firmware dump.
Firmware collectors and reverse engineers might find this useful, It contains certs, modules, and DXE drivers not present in A17. This is likely... -
Hello Techs, I have tried changing RAM, hard disk, power supply, but WHEA UNCORRECTABLE ERROR still persists. What I have not done is BIOS update, but I reset BIOS to Default settings.
Comment