Announcement

Collapse
No announcement yet.

Additional security - validate signature of TrueUpdate.exe?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ulrich
    replied
    Hello, not sure if you saw this, but it also is related to your post. I released an update of my HTTP plugin, and it allows now to validade the SSL certificate of the server where you download the TrueUpdate client files from (of course, assuming that you use HTTPS for this, which I believe is the current practice). You can find the post here and the plugin installer is here.

    Ulrich
    Consulting Services and Software Extensions

    Leave a comment:


  • wwojo
    replied
    Thanks Ulrich. Let me look into that.

    Leave a comment:


  • Ulrich
    replied
    In order to somebody to replace the dat file with a new working version, access to the project file (holding the encryption key) would be required. If the current dat file is replaced with something else, like a dat file created from a different project just with the same file name, the update client would not be able to decrypt it and the process would stop there.
    If you are concerned that somebody replaces your data file, then you could download it manually at the start of the Client Script, have the MD5 checked and compare that value with something stored elsewhere, like a SQL database you could query, an encrypted text file on the server, etc. If you suspect that the file was tampered with, exit the script before calling TrueUpdate.GetServerFile().
    As for the client update executable, it is recommended that you code sign your programs. You could then validate the certificate used to sign the executable via code/plugin/DLL/external utility and stop if the certificate does not match the expected data.

    Ulrich

    Leave a comment:


  • Additional security - validate signature of TrueUpdate.exe?

    We have begun adding additional security to our auto update routine. One area we see as a hole we are trying to fix is if the server was compromised and they replaced our exe and dat with their own. You can see this being a downside to updating itself. With all the documentation for TrueUpdate, I only see a way to detect after the update has already occurred. There is text indicating something within the ts1 indicates an update is necessary, but that is probably not something IndigoRose wants to release. Is there another way to detect a pending update to the exe/dat files? Thanks
Working...
X