Timeline for Is it possible to insert the hash of an executable into the executable itself without changing the resulting hash? What's the best alternative?
Current License: CC BY-SA 3.0
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| May 18, 2011 at 10:34 | comment | added | Luke Graham | I have to admit I can't think of any better solutions. Anything you distribute with the executable can just be changed as well so is only providing obscurity. You need to balance security against usability. Of course, even if you fetch a hash over the internet a malicious program could trap that request and spoof the reply so you would need to consider SSL and suitable authentication. | |
| May 18, 2011 at 9:45 | comment | added | Danger Doug | Do you have any suggestions besides public keys and fetching the hash from a remote location as sugested by Adam Byrtek? | |
| May 18, 2011 at 9:38 | history | answered | Luke Graham | CC BY-SA 3.0 |