Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Apple has a pretty complex boot system in which each stage of the boot process verifies a checksum of the next layer before starting it up. The lowest layer is etched in ROM. Theoretically, if you verify the integrity of the bitcode, and you verify the integry of the bitcode compiler, you should be able to trust the native binary as well.


Apps you upload to iTunes Connect that contain bitcode will be compiled and linked on the App Store.

Unless the description is wrong, this looks like Apple could insert any code they want into your binary, without your users noticing.


As others have pointed out - which they can do anyway because they own the entire operating system and application runtime.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: