You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Given OnionBrowser.app/, everything inside other than SC_Info and iTunes{Artwork,Metadata.plist} will be identical among end users. Those files will vary from user-to-user — see this comment for lots more technical detail about this.
So, we can check these files for integrity; this check means that we’re sure that the copy they downloaded from Apple matches a copy that someone else downloaded from Apple. However, this does not mean that the app was not tampered with since I compiled it. (That’s reproducibility, below.)
In the "identical" files above, everything other than the OnionBrowser.app/OnionBrowser binary should be identical from build-time all the way through to the end user's downloaded .ipa. The binary is modified by Apple’s DRM (again, this comment describes it well).
With a jailbroken device (to decrypt the Payload/OnionBrowser.app/OnionBrowser binary and sort of pick away the Apple codesigning magicks), the binary could maybe be verified from build-time through to App Store .ipa, too.
This one’s the hard part.
The text was updated successfully, but these errors were encountered:
I've commented on the Signal issue in an attempt to open up the discussion about what practical steps we can take to get Apple to support this. Please feel free to comment as I believe this initiative will require dev-community-wide support.
Part of this is a reminder to check activity on signalapp/Signal-iOS#641.
User download validation:
Given
OnionBrowser.app/
, everything inside other thanSC_Info
andiTunes{Artwork,Metadata.plist}
will be identical among end users. Those files will vary from user-to-user — see this comment for lots more technical detail about this.So, we can check these files for integrity; this check means that we’re sure that the copy they downloaded from Apple matches a copy that someone else downloaded from Apple. However, this does not mean that the app was not tampered with since I compiled it. (That’s reproducibility, below.)
Ghetto version of this verification in some release notes already — https://github.com/OnionBrowser/iOS-OnionBrowser/releases/tag/v1.5.12
Reproducibility:
In the "identical" files above, everything other than the
OnionBrowser.app/OnionBrowser
binary should be identical from build-time all the way through to the end user's downloaded.ipa
. The binary is modified by Apple’s DRM (again, this comment describes it well).With a jailbroken device (to decrypt the
Payload/OnionBrowser.app/OnionBrowser
binary and sort of pick away the Apple codesigning magicks), the binary could maybe be verified from build-time through to App Store.ipa
, too.This one’s the hard part.
The text was updated successfully, but these errors were encountered: