From the course: iOS Development: Security
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Code signing
- [Instructor] Code signing and runtime process security ensure that attackers can't get their malicious code to run. Third-party apps need to be signed using an Apple-issued certificate. This guarantees that all apps come from trusted and approved sources. iOS prevents users from installing unverified apps from unknown developers. The system performs additional runtime checks to ensure that the app hasn't been tampered with. That's achieved by comparing the hashes of every executable memory page against the cryptographic hashes generated by Xcode for every executable and resource. Xcode writes these hashes into the Xcode directory and uploads it along with the app to the App Store. If an attacker injects their code, the runtime hashes are modified, thus they won't match the one store in the code directory and the system refuses to run the app.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.