Join Sean Colins for an in-depth discussion in this video Code-signing certificates, part of Understanding Secure Sockets Layer.
- One type of certificate that we're not going to really show in this course is a code-signing certificate, but it's an important one for you to understand. So I wanted to put it into the course anyway. We're going to talk about what they are and why they exist. So understanding code-signing certificates, first let's talk about why they need to exist. Applications execute instructions on your computer, right? And so, by their very nature that's dangerous. If the application's not doing what you expect it to do, it could be executing malicious code and that could be doing all sorts of things, really anything.
Copying your data off to places where you don't know they're going, could be intercepting data, could be executing instructions into your applications, could be, you know, we get back to the same kinds of examples that you always hear whenever you hear about security, right? Accessing your bank records, accessing your identity, changing information without your knowledge or without your approval, all of those sorts of things. So it could be very dangerous. Suffice to say that if an application executes malicious instructions your system will be at risk, right? So without some kind of verification of the authenticity of an application, you know, it could be doing just about anything and you would never know it, and every time you ran an application that application could be something other than what you would expect it to be.
Let me give you an example where I've seen something like that happen in the past. Many, many years ago when working for a school I was asked to help them out with the securing of applications into a blacklist, right, a list of applications that were not allowed to run on machines that were being managed. So, ok, no problem, did that, and they explained to me that they really wanted to be sure that the applications were locked down because they had tried to do this previously and they'd done all the right things, but the applications that they didn't want to run were things like Terminal, right? So they wouldn't want the students to be able to use Terminal because they were standard users and Terminal gave them access to too many things that they felt were dangerous, and so they said, "No, you shouldn't be able to run Terminal."
Students were like, "Well, no, we'd really like to run Terminal, so why don't we just take the Terminal application, change its application icon to the Address Book icon and name it Address Book," and then they would double click on it and it would launch. Even though the system had been managed to say that they couldn't launch the Terminal application. As far as the system was concerned it was launching an application named Address Book. And to the user it looked like an address book, so if the teacher looked at what they were double clicking on they wouldn't be any the wiser. Until, of course, the terminal window opened up. So that fell apart for the kids pretty quickly.
The schools found ways around that, but this is clearly a problem. And this is just one example of many, right? So replace clever students with clever developers and we get code-signing certificates, right, because we need to be able to verify via a signature that an application is what it says it is and that it hasn't been tampered with. Again, remember we have the ability here to sign things with signatures and to use certificates to prove that things are what they say they are. We can be tamper evident, right? And so if an application is tampered with the system will know that it's not what it's supposed to be, checksums will be invalid, etcetera.
And so you won't be able to launch it without a warning. Or it won't launch at all. So the cool thing here is that we have the ability now to identify and verify our apps with these code-signing certificates. Now you can do this by purchasing the code-signing cert from a third-party SSL vendor, or if you have a self-run certificate authority, or if you have a self-signed certificate authority and you want to manage this internally. You can manage internal applications that you may be writing in your own organization that never go outside of your organization and you can do code-signing in that fashion.
But typically if you're an application developer you're going to be using code-signing in a more public way. If you're an Apple application developer, Apple makes it very easy for you right within Xcode: you can apply for the code-signing certificate that you will need in order for your application to be launched and put up on the Mac App Store. Or on the iTunes App Store, if it's an iOS app. So just be aware that those things are out there and that they are extremely useful in validating that applications are what they say they are.
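The transcript describes the self-run certificate authority case in words only. As an added example (not part of the course or its video), the script below carries that case through with openssl: an internal CA issues a code-signing certificate to a developer, the developer signs an "application" (a constructed shell script standing in for a binary), and the client performs the checks the video alludes to before running it. It then replays the classroom trick against a signed app: the file keeps its name and its old signature but its contents are swapped, and the signature no longer verifies. The directory layout, file names, common names and the stand-in application are all assumptions made for the demo; the openssl subcommands are standard ones.

```shell
#!/bin/sh
# Added example (not from the course): a minimal code-signing flow with openssl,
# modelling the "self-run certificate authority" case described in the video.
# An internal CA issues a code-signing certificate to a developer, the developer
# signs an "application" (a constructed shell script standing in for a binary),
# and the client checks three things before it will run the file:
#   1. the signer's certificate chains to the CA the client trusts,
#   2. the certificate is actually a code-signing certificate (EKU), not, say,
#      a TLS server certificate that happened to leak,
#   3. the detached signature matches the exact bytes that are about to execute.
# Replacing the file's contents (the "rename Terminal to Address Book" trick,
# now against a signed app) breaks check 3; a cert from another CA breaks check 1.
# All directory names, file names and subject names are assumptions for this demo.

WORK="${WORK:-$(mktemp -d)}"

# Internal root CA plus a developer certificate issued by it.
# $1 = directory, $2 = CA common name, $3 = developer common name
make_pki() {
  dir="$1"
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
    -subj "/CN=$2" -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 1
  openssl req -newkey rsa:2048 -nodes -sha256 \
    -subj "/CN=$3" -keyout "$dir/dev.key" -out "$dir/dev.csr" 2>/dev/null || return 1
  # Mark the leaf as a code-signing cert; without this EKU verify_app rejects it.
  printf 'basicConstraints = CA:FALSE\nextendedKeyUsage = codeSigning\n' > "$dir/dev.ext"
  openssl x509 -req -in "$dir/dev.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 365 -sha256 -extfile "$dir/dev.ext" \
    -out "$dir/dev.crt" 2>/dev/null
}

# Developer side: detached SHA-256/RSA signature over the exact bytes of the file.
# $1 = file, $2 = signing key; writes $1.sig
sign_app() {
  openssl dgst -sha256 -sign "$2" -out "$1.sig" "$1"
}

# Client side. $1 = file, $2 = signer cert, $3 = trusted CA cert.
# Returns 0 only if all three checks pass; prints the reason otherwise.
verify_app() {
  app="$1"; cert="$2"; ca="$3"
  # 1. Is the signer someone our CA actually vouched for?
  openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 \
    || { echo "REJECT: signer not issued by trusted CA"; return 1; }
  # 2. Was the certificate issued for code signing at all?
  openssl x509 -in "$cert" -noout -text | grep -q "Code Signing" \
    || { echo "REJECT: certificate is not a code-signing certificate"; return 1; }
  # 3. Do the bytes on disk still match what the developer signed?
  openssl x509 -in "$cert" -pubkey -noout > "$app.pub" || return 1
  openssl dgst -sha256 -verify "$app.pub" -signature "$app.sig" "$app" >/dev/null 2>&1 \
    || { echo "REJECT: signature does not match file contents (tampered or replaced)"; return 1; }
  echo "OK: $app signed by $(openssl x509 -in "$cert" -noout -subject)"
}

demo() {
  mkdir -p "$WORK/corp" "$WORK/rogue"
  make_pki "$WORK/corp" "Example Internal Root CA" "Example Apps Team" || return 1
  make_pki "$WORK/rogue" "Rogue CA" "Rogue Dev" || return 1

  # Constructed stand-in for the shipped application.
  printf '#!/bin/sh\necho "Address Book"\n' > "$WORK/AddressBook"
  sign_app "$WORK/AddressBook" "$WORK/corp/dev.key"
  verify_app "$WORK/AddressBook" "$WORK/corp/dev.crt" "$WORK/corp/ca.crt"

  # Tamper: same name, same old signature, a different program inside.
  printf '#!/bin/sh\nexec /bin/sh\n' > "$WORK/AddressBook"
  verify_app "$WORK/AddressBook" "$WORK/corp/dev.crt" "$WORK/corp/ca.crt"

  # Re-sign the tampered file with a key our CA never vouched for.
  sign_app "$WORK/AddressBook" "$WORK/rogue/dev.key"
  verify_app "$WORK/AddressBook" "$WORK/rogue/dev.crt" "$WORK/corp/ca.crt"
  return 0
}

demo
```

Two points the demo makes that the prose only hints at: the signature alone proves nothing unless the client also decides whose certificates it trusts (check 1), and a certificate that merely chains to the CA is not enough either, because a TLS or e-mail certificate from the same CA should not be able to vouch for executable code (check 2). Production signing systems such as Apple's also bind the bundle identifier and other metadata into the signature, which this plain openssl flow does not do.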