How to determine if a dmg file has been compromised

Discussion in 'macOS' started by knb, Nov 17, 2013.

  1. knb macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #1
    Hi,

    I hired a Mac consultant to create a dmg installer for our software that runs over the web browser (with minimal support OS X version of 10.5.8). Since I don't have a Mac handy myself I asked a few people to try it, most responded it installed fine. That is over two months ago. But a few days ago I received a response from a Mac user with OS X (version 10.5.8, and yes his processor is Intel, we don't support PowerPC chipset) that the installation did not lead to a correct setup.
    It makes me wonder:
    a) if the installer has not been compromised this user should not have got this errorous installation outcome. so, it's possible that the installer that the user downloaded has been compromised.
    b) this installer has not been compromised but the installer itself is faulty.
    c) the user Mac itself may have been compromised that resulted in this outcome.

    Background info:
    The software program in question is a lean app-server-based web app, so, it essentially runs a web app locally. The app-server is written in Java, hence, user's Mac is required to have a version of Java installed.

    In this particular case, judging from the error message the app-server has been loaded.

    So, what's your thoughts/analysis on this? Btw, I'm going to get a Mac myself asap.

    Many thanks.
     
  2. ScoobyMcDoo macrumors 65816

    Joined:
    Nov 26, 2007
    Location:
    Austin, TX
    #2
    I would think (but don't know) that the DMG expansion code would use some sort of CRC or checksum to validate the DMG. You could test this by taking your known good DMG and use a hex editor to change some random bit. Then see if it complains when you try to mount it.
     
  3. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #3
    DMG files are checksummed when they are opened. Most likely, the issue is due to the extremely outdated version of Java that works with 10.5.8.
     

Share This Page