Code-Signing für Apples iPhone und zukünftige Mac OS Versionen
Ein kritischer Artikel zum Thema Code-Signing mit Fokus auf Apples iPhone SDK und zukünftige Mac OS Versionen von Rogue Amoeba:
Like most technologies, code signing itself is neutral, or ought to be. It can be used for good or evil. Code signing is basically a way to cryptographically prove the origin of a particular piece of code, nothing more.
[...]
Apple currently uses these capabilities in a few beneficial ways. There are several pieces of Mac OS X which depend on knowing the identity of an application. For example, the keychain tracks per-application access privileges. The Leopard firewall can be set to only allow access to certain applications. Parental Controls allows a user to determine which apps another user is allowed to run.
[...]
Let me repeat that: if Apple doesn’t sign your iPhone app, it does not run.
Even for local development, you need to get the code signed. The iPhone SDK is free, but by itself it won’t let you load apps onto an iPhone. When you pay Apple the $99 to enroll in the program, they send you a certificate which can be used to sign your applications. However, they will only work on iPhones which have been provisioned with this certificate.
[...]
Ultimately I think the trend is bad. Code signing itself is a neutral technology, but it gives incredible power to the system vendor, and that power is just waiting to be exercised and abused. I believe that the iPhone is serving as a testbed to see how users and developers will react to an environment with ubiquitous code signing and control. [...]
[Under The Microscope » Blog Archive » Code Signing and You]
