Category Archives: Codesign

On the new Lion security things

This post will take a high-level view of some of Lion’s new security features, and examine how they fit (or don’t) in the general UNIX security model and with that of other platforms. App sandboxing The really big news for … Continue reading

Posted in Authentication, Authorization, Codesign, Mac, PCAS, sandbox | 4 Comments

On the extension of code signing

One of the public releases Apple has made this WWDC week is that of Safari 5, the latest version of their web browser. Safari 5 is the first version of the software to provide a public extensions API, and there … Continue reading

Posted in Authorization, Browser, Codesign, Crypto, Mac, Windows | Comments Off on On the extension of code signing

Regaining your identity

In my last post, losing your identity, I pointed out an annoying problem with the Sparkle update framework, in that if you lose your private key you can no longer post any updates. Using code signing identities would offer a … Continue reading

Posted in Codesign, Crypto, PCAS, Updates | Leave a comment

Losing your identity

Developers make use of cryptographic signatures in multiple places in the software lifecycle. No iPad or iPhone application may be distributed without having been signed by the developer. Mac developers who sign their applications get to annoy their customers much … Continue reading

Posted in Codesign, Crypto, iPad, iPhone, Mac, PCAS, Policy, Updates | Comments Off on Losing your identity

More NSConf code signing fun

I’ll be talking at the US NSConference on Tuesday, with an extended version of my talk on code signing. I’ll cover how it works, what it does, what it doesn’t do, and what it should do. Importantly, there are still … Continue reading

Posted in Codesign, Encryption, iPad, iPhone, Mac, NSConf, Talk | Comments Off on More NSConf code signing fun

Code snippit from NSConference presentation

Here’s the code I used to display the code signature status within the sample app at NSConference. You need to be using the 10.6 SDK, and link against Security.framework. #import <Security/SecCode.h> – (void)updateSignatureStatus { SecCodeRef myCode = NULL; OSStatus secReturn … Continue reading

Posted in Codesign, NSConf, Talk | Leave a comment