Comment by jmb99
1 month ago
If you have the capability to actually skillfully analyze this type of crypto, disassembling the binaries from your device (or at the very least, an ipsw for your device) should be trivial.
After all, you wouldn’t actually be trusting the source code given to you to match what’s running on your device, would you?
Reverse engineering is a separate skill set on its own, on top of the other ones you need to read the source code, and good developers aren't necessarily good at that.
> After all, you wouldn’t actually be trusting the source code given to you to match what’s running on your device, would you?
That's why the best practice in the industry follows reproducible builds.