Y
Hacker News
new
|
ask
|
show
|
jobs
by
Weetile
408 days ago
The question is - how do you intend to verify whether an application is official or unofficial? What's stopping the official application to be 'patched' with a fake signature feigning validity?
1 comments
mmooss
408 days ago
Asymmetric cryptography?
link
Philip-J-Fry
408 days ago
How? If you're validating a server, sure. But a server validating a client?
Anything you ship with the app can be extracted.
link