On Fri, May 28, 2010 at 7:40 PM, Philip Vallone <philip.vall...@verizon.net> wrote: > Hi, > >> Wait, are you archiving and unarchiving data over a network? That’s a bad >> idea unless you’re extremely careful. The problem is that a malicious peer >> can send you an archive that expands into any codable object, not just the >> types you were expecting; this can be exploited to do Bad Things in your >> process, like crashing and possibly worse. > > How is it possible using GKSession to be introduced to a malicious peer.? I > am creating a GKSession object and connecting via GKPeerPickerController. A > hand shack is made between the the two peers. Once both peers accept the > connection, the session is stored along with the peer id. This information > can be checked before any information is received. Isn't this secure enough?
An attacker can execute a man-in-the-middle attack, wherein he talks to two copies of your app and passes data between them, such that they think they're talking directly to each other, but then modifies data maliciously. An attacker can simply impersonate your app, responding like a real client, but sending malicious data when desired. Neither of these can be defended against, even theoretically, when communicating peer-to-peer. (It is possible to defend against them when communicating with a server by using digital signature technology, but this doesn't work when the attacker has direct access to the program he wants to impersonate.) In short, you should treat any data coming from the network as potentially evil, always. Mike _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
