One more thought ... just to expand your thinking beyond the excellent
responses already given, is to rephrase the goal as "how do I prevent a
modified binary (executable) from causing problems?" This is a weaker goal
but can in some contexts be more manageable.

I can't share full details, but I'm involved in engineering at Niantic,
with Pokémon GO and Harry Potter Wizards Unite as example executables.
Among the 100M+ players are more than a few cheaters who want to hack the
OS or app to gain unfair advantage. How do we fight this? We'd like to
prevent modification and we'd like to have the phone not be rooted, but it
is a big world with many moving parts that we don't control. However, we do
control the world the servers create for the app, the scoring function that
rewards player activity, and the memory aspect that accumulates players'
scores. Here's the general idea: the huge player base is the training set
for "how good can people do here" all over the world, how fast can they
walk right here, how far can they see right here, etc. If a player does
better than 40k people have done at this park this month, that's a flag. If
the player matches Santa Claus in terms of travel speed (Paris, Da Nang,
Cape Town, all in a few minutes) that's an obvious flag, but so is shaving
a minute here and there, if you know how to look. When we see signs, we can
inspect, journal all activity, roll back cheater updates, and apply them to
a lonely cheater world where your false glory is not sharable. We can do
many other things too -- even though we can't necessarily stop
modifications.

Just sharing this other way in case it helps you. Obviously better to
prevent modification, have key code in a trusted enclave, etc.

On Tue, Jul 23, 2019 at 12:57 PM Tom Mitchell <mi...@niftyegg.com> wrote:

>
> On Tue, Jul 23, 2019 at 11:51 AM clement auger <clementauger...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm looking for a technique to prevent binary alteration once distributed
>> in the wild.
>>
>> I have no clue what I'm asking for.
>>
>
> The best current solutions are package manager oriented.
> Decide on the platform you want to work on then look at the package manager
> tools. As well as the access control and audit tools on the platform so it
> is installed in a safe and secure way.
>
> Today most systems have the option of installing mandatory access control
> system services.
>
> Some package managers have verify and repair options that can give someone
> a warm fuzzy.
>
> Start with keeping a log of the cryptographic quality check sum and other
> metadata for your program.  An example: I can download a golang package
> and verify that the checksum is as expected before installing.  This is
> valuable when the fastest download is a mirror and the primary metadata is
> on a far or slow primary distribution machine.
>
> Each platform will have different features.
>
> --
>           T o m    M i t c h e l l ( o n   N i f t y E g g )
>


-- 

*Michael T. Jones <michael.jo...@gmail.com>*
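
The travel-speed flag described in the message above, sketched as an added example; it is not part of the original thread and not Niantic's code. The `Report` type, the `FlagImpossibleTravel` function, the sample coordinates and the 1000 km/h threshold are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// Report is one location update as recorded by the server (hypothetical type).
type Report struct {
	At       time.Time
	Lat, Lon float64 // degrees
}

const earthRadiusKm = 6371.0

// haversineKm returns the great-circle distance between two points in km.
func haversineKm(lat1, lon1, lat2, lon2 float64) float64 {
	rad := func(d float64) float64 { return d * math.Pi / 180 }
	dLat, dLon := rad(lat2-lat1), rad(lon2-lon1)
	a := math.Sin(dLat/2)*math.Sin(dLat/2) +
		math.Cos(rad(lat1))*math.Cos(rad(lat2))*math.Sin(dLon/2)*math.Sin(dLon/2)
	return 2 * earthRadiusKm * math.Asin(math.Sqrt(a))
}

// FlagImpossibleTravel returns the indexes of reports whose implied speed
// from the previous report exceeds maxKmh. Duplicate or out-of-order
// timestamps are flagged as well, because no speed can be computed for them.
func FlagImpossibleTravel(rs []Report, maxKmh float64) []int {
	var flagged []int
	for i := 1; i < len(rs); i++ {
		hours := rs[i].At.Sub(rs[i-1].At).Hours()
		km := haversineKm(rs[i-1].Lat, rs[i-1].Lon, rs[i].Lat, rs[i].Lon)
		if hours <= 0 || km/hours > maxKmh {
			flagged = append(flagged, i)
		}
	}
	return flagged
}

func main() {
	t0 := time.Date(2019, 7, 23, 12, 0, 0, 0, time.UTC)
	// Constructed sample track: a short move within Paris, then Da Nang
	// three minutes later.
	track := []Report{
		{t0, 48.8584, 2.2945},
		{t0.Add(10 * time.Minute), 48.8606, 2.3376},
		{t0.Add(13 * time.Minute), 16.0544, 108.2022},
	}
	fmt.Println(FlagImpossibleTravel(track, 1000)) // assumed threshold in km/h
}
```

A fixed speed ceiling only catches the obvious case; the per-location comparison against what other players achieved, which the message also mentions, would need the population statistics the servers hold.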
