|Home » Learning Curve » Developers Workshop
Re: Hacking C0d3 S1gN
Rabbit holes? Smoke and mirrors? And where's the protection? From the forum.
Code signing is just another form of DRM. It's smoke and mirrors - it's Apple's way of telling the Ilgazs, Ron Ls, Goobers, and Wights out there that they're looking out for Joe (L)user. However, as we all know, DRM can be defeated.
And as has been shown, code signing can empirically be defeated. Now we just need to try this with another known code-signed app for kicks. But then you'll get those same losers balking about the findings on Version Tracker. (OH NOS!!!111 He's telling everyone how to defeat code signing!!111 Pitchforks!!!111one)
People balked at MS over the idea of code signing but gave the darlings at One Infinite Bloop a free pass in this department...
The only safe way for applications to exist at the / level is to follow what every other *nix does: Require authentication to move anything into */bin. In this case, /Applications is off limits to everyone unless an admin authenticates. ~/Applications is relegated to the sandbox that is the user's home. But then code signing becomes pointless as has already been pointed out.
Lock /Applications down.
Lock /Library down.
An admin user should not be able to freely roam around in those directories. Moreover no other user should be able to own whatever (s)he sticks in there after furnishing an admin password. Jobs won't be around much longer (if he ever comes back); someone needs to grow a pair and fix these two major shortcomings (along with all of the other shortcomings out there).
As far as 'viruses' and whatnot: There are no viruses. And even if there was one it would be contained rather quickly due to the security model. The only time all bets would be off if Joe (L)user were to give up his admin credentials - but this can happen in any OS.
I know I sound like I'm preaching to the choir in here but that is my two cents.
Forum: Hacking C0d3 S1gN