So how do you do this in practice? Do you just send some guy (that you trust!) hashes of all the files on your system and hope that he spots the backdoored binary soon enough?
Perhaps there's some false assumption there that the "app store" will serve everyone a backdoored binary, instead of performing almost undetectable targeted attacks.