On 20 Feb 2012, at 11:50, David Arno wrote:

> If we generate MD5 hashes for the SDK SWCs,
> then the loader could check those hashes on load. Would that not be secure
> enough, or is there a flaw in that idea?

I don't know enough about security, but in probing for flaws in that idea I'd approach from:

* what happens if an application can't reach the central md5 store?
* Can I 'man-in-the-middle' and inject badLibrary with corresponding md5 to make it look good - i.e. spoof the central repository
* can I get a badLoader into the application

*shrugs*
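
Added example, not part of the original message or of any project's code: a sketch of the load-time check that runs the first two questions above as test cases. The function names, the sample bytes and the idea of a digest pinned inside the loader are assumptions made for illustration.

```python
import hashlib
import hmac

class StoreUnreachable(Exception):
    """Raised when the digest source cannot be contacted."""

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def check_on_load(library: bytes, get_expected_digest) -> bool:
    """Accept the library only if its MD5 matches; reject if the store is unreachable."""
    try:
        expected = get_expected_digest()
    except StoreUnreachable:
        return False  # fail closed
    return hmac.compare_digest(md5_hex(library), expected)

# Constructed sample data, standing in for SWC file contents.
GOOD_SWC = b"constructed bytes of the genuine SDK library"
BAD_SWC = b"constructed bytes of a substituted library"
# Assumption: this digest ships inside the loader and is not fetched at load time.
PINNED_DIGEST = md5_hex(GOOD_SWC)

def honest_store() -> str:
    return md5_hex(GOOD_SWC)

def spoofed_store() -> str:
    # Whoever substitutes the library in transit also answers for the store.
    return md5_hex(BAD_SWC)

def unreachable_store() -> str:
    raise StoreUnreachable("central md5 store not reachable")

def run_scenarios() -> dict:
    return {
        "genuine library, honest store": check_on_load(GOOD_SWC, honest_store),
        "substituted library, spoofed store": check_on_load(BAD_SWC, spoofed_store),
        "genuine library, store unreachable": check_on_load(GOOD_SWC, unreachable_store),
        "substituted library, pinned digest": check_on_load(BAD_SWC, lambda: PINNED_DIGEST),
    }

if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The second scenario is accepted because the digest arrives over the same untrusted path as the library; the pinned digest rejects the same substitution. Neither variant covers the third question, since a replaced loader never runs the check at all.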