|
|
|
|
|
|
by moopark
5628 days ago
|
|
|
When Mac OS X updates the signature on a binary (for instance, when you configure a firewall rule for a previously unsigned binary), the actual Mach-O file will be changed -- and your digest will be incorrect. Skype (which has notoriously complex obfuscation) had this problem for a short time when Mac OS X 10.5 was released: http://securosis.com/blog/leopard-firewall-code-signing-brea... You can work around this by validating only the important subset of the Mach-O contents, but it's probably not worth it. Cracked applications (rather than, say, reverse engineered serial number generators) are an annoying thing to use -- you'll have to refrain from applying updates until you get a new crack, trust the person distributing the crack, etc. It's not something I (or, afaik, most other small Mac developers) really worry about. |
|
|