On Wed, Oct 14, 2009 at 12:37 AM, Charles Srstka <cocoa...@charlessoft.com> wrote: > On Oct 13, 2009, at 10:41 AM, Jens Alfke wrote: > >> This code sample seems to be designed to verify the binary that it's >> compiled into. That's sort of useless for security purposes, like yelling >> downstairs "are you a burglar?" If your own code's already been modified, >> it's easy enough for the hacker to disable the code that does the checking > > Well yeah, if the hacker is specifically targeting your app. However, if the > app gets infected by a virus or something, it won't be doing that, and your > code signing check will catch it. So it's not completely useless for > security purposes.
You say that as if "getting infected by" and "being specifically targeted by" a virus are different things. Either a virus has targeted your application, and as such knows enough about it to modify it's code (and therefore replace/defeat any signature check), or it's targeting something outside of your application (a framework, a bundle loaded into your application, etc.), in which case the changed code happens outside of your application's code and a signature check will not find any issues. If you're trying to detect malicious changes to your application, then checking your own signature is useless, the entity doing the check has to be beyond the reach of the malicious code in order to be trusted; once that check is inside the application code itself, it becomes useless. -- Clark S. Cox III clarkc...@gmail.com _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
