In a way, I prefer malware to be signed. If nothing is signed, essentially everything has full permissions, so we'll ignore that part for now, and just look at the differences once malware is signed.
First and foremost, it cost $100 to get the signature. It was paid somehow. Hello money trail, this is way more information on malware authors / pushers than we tend to get. If they somehow obfuscated every bit of data in that account to the point that it's worthless, then it's merely identical to it lacking a signature, no worse.
Second, it can be revoked. This severely limits the spread, reducing the total damage. Sure, the people prior to this are impacted, but they would be if it didn't have a signature, so again, no worse, no matter what.
Third, people click 'yeah, let this program do whatever the hell it wants' all the time, so the lack of a signature really doesn't prevent its spread / limit the damage. Maybe for the techy-elite, but they're less likely to get this anyway. Probably more likely to run unnoticed because it's signed, but I'd argue not by much. Slightly worse.
First and foremost, it cost $100 to get the signature. It was paid somehow. Hello money trail, this is way more information on malware authors / pushers than we tend to get. If they somehow obfuscated every bit of data in that account to the point that it's worthless, then it's merely identical to it lacking a signature, no worse.
Second, it can be revoked. This severely limits the spread, reducing the total damage. Sure, the people prior to this are impacted, but they would be if it didn't have a signature, so again, no worse, no matter what.
Third, people click 'yeah, let this program do whatever the hell it wants' all the time, so the lack of a signature really doesn't prevent its spread / limit the damage. Maybe for the techy-elite, but they're less likely to get this anyway. Probably more likely to run unnoticed because it's signed, but I'd argue not by much. Slightly worse.