I could be wrong, but my understanding of the current state of affairs WRT iPhone application cracking is that the hackers are taking the easy and obvious route of short-circuiting the code signing authentication with the info.plist modification, and thus haven't the need to examine binaries -- yet. And, until the hackers realize that their current approach is ineffective, there may never come a time when they're peeking into our binaries.
If we can assume that more and more developers will start implementing an info.plist check as a counter, the hackers will find that their efforts to crack our applications are failing. Do we know that the hackers have no choice but to start peeking the binaries? Should we developers be thinking one step ahead of the hackers and now be implementing countermeasures against this?
I'm actually quite curious about this. Perhaps this can be opened up as a new topic of discussion.
|
