On Oct 13, 2009, at 10:41 AM, Jens Alfke wrote:
This code sample seems to be designed to verify the binary that it's compiled into. That's sort of useless for security purposes, like yelling downstairs "are you a burglar?" If your own code's already been modified, it's easy enough for the hacker to disable the code that does the checking
Well yeah, if the hacker is specifically targeting your app. However, if the app gets infected by a virus or something, it won't be doing that, and your code signing check will catch it. So it's not completely useless for security purposes.
Charles _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
