So HSMs and physically secure facilities didn’t protect against “malware on the build server”?
But nice to see Adobe actually sharing the details – their handling of security issues in the past have been mediocre work.
They did protect the signing key, the loss of which would probably have been much worse.
So HSMs and physically secure facilities didn’t protect against “malware on the build server”?
But nice to see Adobe actually sharing the details – their handling of security issues in the past have been mediocre work.
They did protect the signing key, the loss of which would probably have been much worse.