Code signing

From Lazarus wiki
Revision as of 09:20, 3 October 2013 by Jwdietrich (talk | contribs) (Created page with "Every piece of code may contain viruses, spyware, trojan horses, backdoors, rootkits, keyloggers and other kinds of malware. The risk has dramatically increased with the adven...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Every piece of code may contain viruses, spyware, trojan horses, backdoors, rootkits, keyloggers and other kinds of malware. The risk has dramatically increased with the advent of wide-area networks like the internet, where it is easy to download programs of unknown or unverified origin.

One measure to reduce the effects of malicious code is that some modern operating systems require executables and scripts that have been downloaded from the internet to be signed with a developer's certificate. Code signing confirms the identity of the software author and guarantees that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Therefore, it ensures both authenticity and integrity of the executables.

Code signing is required in iOS and modern versions of Mac OS X. Microsoft implements for Windows a form of code signing based on Authenticode to include information about developers and their code with their programs through the use of digital signatures.

See also