Hacker News new | ask | show | jobs
by gizzlon 5348 days ago
"Apple then has the power, if any app is found to be malware, to shut it down remotely, immediately"

Actually I don't think this will work. They can "shut it down" in the sense that they can keep new installs from happening. But if the malware is already installed it controls the machine, so it can simply ignore the "kill switch" for itself.
1 comments
andybak 5348 days ago
Is there not some way that the certificate checks can run on app launch? Or even periodically
link
gizzlon 5348 days ago
I don't know how mac "apps" work, but if we assume it can gain full control over the os, there's really only one thing they can do: "anchor" the checks in hardware.

The way it (supposedly) works is that you have a hardware chip that checks the bios, which checks the boot loader, which checks the os, which checks the apps etc.. The goal is that you'll have to modify the actual hardware chip in order to "crack" the os. Sounds great, but has a lot of challenges in practice.

link