|
|
|
|
|
|
by jokoon
4188 days ago
|
|
|
mmh 1. having a public repo of the official source code 2. hashing the executable you have on your phone 3. the repo publishes a hash of its compiled executable release 4. the repo approves or reject the binary, based on the decompiling of the application and its comparison with the original source code 5. your os cannot run code that is rejected, or will just warn the user don't know if a digital signature could be used somewhere in there. would be much simpler to let system download source code and compile it instead of an executable I guess, but that would require to have much lighter libraries... |
|
|