Community home
Menu
  • PEXA Certified Expand

    PEXA Certified

    This program will give you an introduction to PEXA, how it works and how it can help you transform your business processes.

    Discover More
    • Getting Business Ready
    • System Set Up
    • Transacting in PEXA
  • Help Centre Expand

    Help Centre

    Here you’ll find more than 230 help articles and videos to assist you.

    Discover More
    • Help Articles
    • Help Videos/PEXA TV
    • PEXA Interactive Demos
    • FAQs
    • Ask a Question
    • PEXA Certified
  • Ask a Question
  • Share your Experience
  • Raise an Idea
  • Blogs Expand

    Read the latest in our blogs.

    Keep up to date with the latest PEXA product releases, and read up on the property blog.

    Discover more
    • Community Blog
    • The Property Blog
    • Security Updates
    • PEXA Product Releases
    • Announcements | Outages etc
    • The Bank Blog
    • Workspaces
      Community
      Register
      Log in
    Apps menu
  • Register / Login

Community Home
Register / Login

PEXA Digital Certificate Software not correctly digitally signed

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • Community
  • :
  • Security
  • :
  • Raise a Security Concern
  • :
  • PEXA Digital Certificate Software not correctly di...

PEXA Digital Certificate Software not correctly digitally signed

Reply
Topic Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Printer Friendly Page
  • All forum topics
  • Previous Topic
Andrew_GC
Andrew_GC
Occasional Contributor
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎05-09-2018 10:10 PM

on ‎05-09-2018 10:10 PM

PEXA Digital Certificate Software not correctly digitally signed

PEXA's digitial certificate software download is signed with a certificate issued to 'pexa.net.au'.  Why should anyone trust software signed by a website? Especially one that is not in use? It is trivial to register website names, and numerous 'pexa.' domains are available for registration now by anyone.  How are we to discern whether pexa.net.au is actually owned by the Property Exchange Australia Limited?  How then, are we to determine whether to trust the signer and install this software?

 

 

The software should be signed with a certificate issued to PROPERTY EXCHANGE AUSTRALIA LIMITED. 

 

Surely PEXA does not think that users should ignore incorrect security certification of its software? Or that we should trust anything with 'PEXA' in it somewhere? This is EXACTLY how fake (malicious) software is promulgated.

 

Here is a snip of what the digital signatures look like on correctly signed software by two other well known software companies (left hand side) and on the right-hand side, a snip of the PEXA software signature.  (Red markup added by me for emphasis) 

Pexa Digital Software Certificate.png

 

 

I posted about this in the general forum section, but received no response.  

Category:
  • certificates
  • fraud prevention
  • Security
  • Tags:
  • certificate
  • signing
0 Likes
Reply
  • All forum topics
  • Previous Topic
5 REPLIES 5
EmilyBilling
EmilyBilling Product Owner
Product Owner
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎06-09-2018 09:47 AM

on ‎06-09-2018 09:47 AM

Re: PEXA Digital Certificate Software not correctly digitally signed

Hi @Andrew_GC, thanks for posting this, pexa.net.au is a PEXA domain. I have shared this with our security team to find out more information.

Thanks

Emily  

0 Likes
Reply
Andrew_GC
Andrew_GC
Occasional Contributor
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎07-09-2018 08:46 AM

on ‎07-09-2018 08:46 AM

Re: PEXA Digital Certificate Software not correctly digitally signed

Thanks Emily. Any response from the team?   

0 Likes
Reply
EmilyBilling
EmilyBilling Product Owner
Product Owner
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎10-09-2018 08:43 AM

on ‎10-09-2018 08:43 AM

Re: PEXA Digital Certificate Software not correctly digitally signed

Hi @Andrew_GC - the team are looking into it so hoping to share more info with you asap. 

0 Likes
Reply
Andrew_GC
Andrew_GC
Occasional Contributor
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎12-10-2018 02:54 PM

on ‎12-10-2018 02:54 PM

Re: PEXA Digital Certificate Software not correctly digitally signed

Sooo....  any news? I would have thought a month was enough time for your security team respond?

0 Likes
Reply
EmilyBilling
EmilyBilling Product Owner
Product Owner
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

on ‎15-10-2018 09:02 AM

on ‎15-10-2018 09:02 AM

Re: PEXA Digital Certificate Software not correctly digitally signed

Hi @Andrew_GC - our security team have reviewed the Digital Certificate package and it will soon be updated to show Property Exchange Australia. Thanks for bringing this is our attention. 

0 Likes
Reply
PEXA

|

Facebook Twitter LinkedIn
  • Support
  • Privacy Policy
  • Terms of Service