software update security
Every time 1Password tells me there's an update, something in the back of my head asks, "Is this update coming from Agilebits or has the system been cracked?"
Can you provide some detail on your deployment process to ensure some third party doesn't install a back door into my password vault.
Thank you.
Comments
-
Hi @berto ,
That's an excellent question. We do a couple of things. Here is how we safegaurd the update process:
- When the updater launches, you'll see the icon in the Dock. Right-click and choose Show In Finder to ensure it's the one inside our app. You could also use the Activity Monitor and show its open files to verify it as well.
- When our updater downloads the new version, it also downloads a checksum file from a separate URL. It performs a checksum on the new version and then compares that checksum to what is in the checksum file separately downloaded. If they match, it proceeds.
- It then unzips the file and does a signature check on the app. If it passes that, then it quits the current 1Password and replaces it with the new version and launches it.
The updater and 1Password are both signed. So in order someone else's updater to run and replace your 1Password app with something else, someone would have to infiltrate both our download server, and the checksum file. And if another rogue app were to try to alter 1Password to download it from somewhere else, it would fail the signature check by the OS and would not launch. Also, for another app to remove 1Password and replace it, OS X would prompt you for your Admin password to replace the app with one signed by another developer (or one that isn't signed at all).
I hope that addresses your concerns. If you have further questions, feel free to let us know.
Cheers,
Kevin0
