http://arstechnica.com/security/2014/10/hp-accidentally-signed-malware-will-revoke-certificate/