0

Could someone explain to me how (any) general app's processes are authenticated against original code to insure malicious actors don't wreck havoc?

i.e. everyone is using approved or same version of a particular app and someone hasn't written something similar to interact with original.

Mark Queen
  • 21
  • 2

1 Answers1

1

One of the method to check code authenticity is check the checksum and compare it. You can use the following code to compute the checksum.

import hashlib
md5checksum = hashlib.md5("filename.py").hexdigest()
Gautam Krishna R
  • 2,388
  • 19
  • 26
  • Okay. I'm not talking about authenticity of some random file.txt sent to me or checking code of a program I download i.e. a debian jessie iso. I'm asking how is output from an app checked that it was done through approved app. If your 'filename.py' was sent to me using 'our-app', how do I know that an authentic 'our-app' was used to make it? – Mark Queen Jan 03 '17 at 03:30
  • You can simply check the checksum of your app executable and send the checksum along with your randomfile.txt as another parameter every time when it makes a request, So that you can compare the parameter with the stored checksum in the server. This method is not usually preferred since any app can mimic the process if the developer is experienced. You can make your source code unreadable, please see this: http://stackoverflow.com/questions/21065915/hide-protect-python-code – Gautam Krishna R Jan 03 '17 at 16:54