Mailing Lists: Apple Mailing Lists


Re: Application code signing confusion




On 2 Mar '08, at 5:04 AM, David Simpson wrote:

> could someone point me to some code that would allow me to check the validity of the application inside our own code?

Checking your own validity doesn't seem very useful for hack-resistance, since any hacker patching the binary can just delete the code that runs the check. Trying to make code protect itself is just an unwinnable arms-race of obfuscation and other tricks; it can only deter or delay a crack, not prevent it.


It seems more useful to use code-checking to verify plug-ins/bundles that your app loads, since that way the code doing the check is separate from the possibly-tampered-with code.

(Although I'm not too optimistic about this, given the total security failure of ActiveX on Windows — despite using code-signing from day one, it became a huge vector for malware, through a combination of poor trust mechanisms, poor UI design, and social engineering. A more limited form might be useful, though, such as an app that flatly refuses to load plug-ins that haven't been signed by the developer of the app itself.)

—Jens
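
The plug-in check suggested in the message above (an app that refuses to load plug-ins not signed by its own developer) can be written against the Security framework's static code API. This is an added example, not part of the original message; it assumes the plug-ins are signed with an Apple-issued certificate whose subject OU is the developer's team identifier, and the function name and the `ABCDE12345` identifier are placeholders.

```swift
import Foundation
import Security

/// Returns true only if the bundle at `url` has an intact code signature that
/// chains to Apple's CA and whose leaf certificate carries `teamID` as its OU.
/// (Hypothetical helper name; the Sec* calls are the Security framework's own.)
func isSignedByTeam(_ url: URL, teamID: String) -> Bool {
    // Team IDs are 10 uppercase alphanumerics. Rejecting anything else also
    // keeps quotes and operators out of the requirement string built below.
    let allowed = CharacterSet(charactersIn: "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
    guard teamID.unicodeScalars.count == 10,
          teamID.unicodeScalars.allSatisfy(allowed.contains) else { return false }

    // A static code object refers to the bundle on disk; nothing is loaded.
    var staticCode: SecStaticCode?
    guard SecStaticCodeCreateWithPath(url as CFURL, [], &staticCode) == errSecSuccess,
          let code = staticCode else { return false }

    // Requirement: Apple-anchored chain and the expected team in the leaf cert.
    let text = "anchor apple generic and certificate leaf[subject.OU] = \"\(teamID)\""
    var requirement: SecRequirement?
    guard SecRequirementCreateWithString(text as CFString, [], &requirement) == errSecSuccess,
          let req = requirement else { return false }

    // Validate every architecture slice and nested code, with strict checks,
    // so a tampered slice or helper inside the bundle fails the whole check.
    let flags = SecCSFlags(rawValue: kSecCSCheckAllArchitectures
                                   | kSecCSCheckNestedCode
                                   | kSecCSStrictValidate)
    return SecStaticCodeCheckValidity(code, flags, req) == errSecSuccess
}

// Usage: plugin-check /path/to/Plugin.bundle ABCDE12345
// (path and team identifier are supplied by the caller; ABCDE12345 is a placeholder)
if CommandLine.arguments.count == 3 {
    let url = URL(fileURLWithPath: CommandLine.arguments[1])
    let ok = isSignedByTeam(url, teamID: CommandLine.arguments[2])
    print(ok ? "signed by expected team" : "refusing to load: signature check failed")
    exit(ok ? 0 : 1)
}
```

The check validates the bundle as it sits on disk, so the host should load the plug-in immediately afterwards from a location other users cannot write to; otherwise the file could change between the check and the load.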


Apple-cdsa mailing list      (email@hidden)

References: 
 >Application code signing confusion (From: "David Simpson" <email@hidden>)


