Conversation

Howard Oakley, Eclectic Light Co

@howardnoakley

·

Jul 18, 2019

How apps can check integrity better than macOS http://eclecticlight.co/2019/07/18/how-apps-can-check-integrity-better-than-macos/…

1

2

Start Is All Back

@StartIsBack

Replying to

@howardnoakley

Always verifying own bundle signature is a bad idea: it can be very slow (big bundle, online CRL) or crash (there are/were thread-safety issues with Security APIs). Plus there are/were bizzare cases when bundle is modified (ex. Time machine restore)

10:30 AM · Jul 18, 2019·Twitter for iPhone

Howard Oakley, Eclectic Light Co

@howardnoakley

·

Jul 18, 2019

Replying to

@StartIsBack

For apps far smaller than Xcode, experience shows it’s v quick and v reliable. Are you happy to let users run your apps with broken signatures? Comments welcome on the blog, please.

This Tweet was deleted by the Tweet author. Learn more

Show replies