Re: Code signing
Re: Code signing
- Subject: Re: Code signing
- From: Bob Ippolito <email@hidden>
- Date: Tue, 23 Aug 2005 23:02:47 -0700
On Aug 23, 2005, at 9:24 AM, glenn andreas wrote:
On Aug 23, 2005, at 11:14 AM, Brad Peterson wrote:
In my limited experience with code signing, the file
size, a CRC value, etc. are usually included with the
signature to prevent exactly the sort of thing I'm
trying to prevent.
Yes, I realize that to some extent, nearly every
system is hackable. I'm only looking for more stuff to
slow 'em down. ;)
Not going to really slow them down much, I'm sorry to say.
For fear of devolving into "yet another copy protection" thread
(and trying to keep things Cocoa related) remember that the Cocoa
runtime architecture is very open to run time modification.
Personally, if I were to want to hack an application written in
Cocoa I'd start by snooping through the macho file to get a feel
for the classes, methods, and the like, and then inject code to
modify it accordingly, resulting in something that doesn't touch
the original binary at all.
Note also that it's possible to inject code into ANY application,
regardless of which language it was written in. It's certainly
easier to figure out where to do it with Objective-C (on average)
because of the introspection features that are available, but the
mechanism to start a thread in another pid, add write permission to
pages, patch some code, etc. works for arbitrary processes.
-bob
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden