← Back to context

Comment by simonbarker87

4 years ago

I have no problem with checking binaries when I launch them for security. I imagine many of the virus checking apps for windows probably call home with similar information. I doubt very much I’m leaky in any personal information.

What is frustrating is they didn’t handle this situation like they do if I’m offline - don’t get a ping back in less than 500ms or whatever? Go ahead and open anyway. would have solved this eventuality

11 comments

simonbarker87

Reply
zmmmmm  4 years ago

> don’t get a ping back in less than 500ms or whatever? Go ahead and open anyway

how do you do that without defeating the security? Now a malicious attacker just has to wait for a moment when you aren't connected before launching their payload.

  • simonbarker87  4 years ago

    Well it already just lets you launch the app if you’re not connected to the internet so my answer would be “no different to the situation we have now”?

    Also, my understanding is that it’s a hash of the binary being checked so if it failed the verification the first time when you were connected you would have received a warning and the OS would block that executable on your system or given a warning or something? Not sure tbh.

  • initplus  4 years ago

    The feature needs to be implemented using some kind of regularly updated local database, rather than requiring a phone home every time.

    • colejohnson66  4 years ago

      A program signature database, perhaps? We could even call it: antivirus! No, that’s a bad name...

      In seriousness though, the problem with offline databases that are changed a lot is a problem antivirus programs always had: they need updating. You can’t have the “latest and greatest” protection if you don’t know about the newest threat. That’s probably what Apple is doing here: using a database on their end that they wouldn’t have to distribute to end users. It’s not the best way around it, but there isn’t really a “best” way.

      1 reply →

    • elmo2you  4 years ago

      A local database with a hash of every possible non-official Apple app in it? Sounds like something maybe only storage manufacturers will like.

      The thing is, this is not a new security problem/challenge. It essentially can not be properly solved if you don't have a tightly controlled environment. If it's a general purpose environment, where you can't fully control what ends up running on it, this particular approach to "security" is pretty much doomed, no matter how you address it.

      3 replies →

Tepix  4 years ago

> I have no problem with checking binaries when I launch them for security. ... I doubt very much I’m leaky in any personal information.

You should. It's noones business when and how often you run a known tor browser binary.