[tedunangst]

How do you guarantee the App Store doesn't serve limited edition binaries to selected recipients?

[nmgsd]

The App Store run by a central authority with complete control over what can even be available and the ability to modify the delivery at their own whim is certainly a big issue in terms of trusting the integrity of the apps running on a device.

[verbify]

If you suspect yourself to be a selected recipient (e.g. you're Edward Snowden) I reckon you should compile your own binaries. Or read 'Reflections on Trusting Trust'.

[cheiVia0]

Now you are the selected recipient of modified source code.

[verbify]

Get it from multiple sources, and do a diff.

[conradev]

Fun fact: The App Store already serves limited edition binaries to everyone because it encrypts them per-account :)

[Canada]

Forget the aop store. How do we know Google, Apple, Microsoft, Ubuntu, etc doesn't give us a malicious kernel update?

I don't think we have good solutions for the problem of malicious updates in general.

The only one I can think of is a trusted hypervisor that hashes memory in the guest and reports on it. And even then, how do we trust that?

[angry_octet]

Forget the software, the firmware running on the baseband processor can read system memory and send it over the network without you knowing. But that takes lots of effort to target a specific person.

So what do you do? It comes back to making sure that 'they' can only hack some of the people all the time, and all of the people some of the time. It's preventing them hacking all the people all the time I worry about.