Is each Dev Kit marked with a "Signature?"

[Swad]

Discorocker has compared selected files from three different Dev Kits, and after doing some fancy work with hashes and hex editors, discovered that the files in each dev kit are marked with unique "signatures" (6 bytes long).

 

At this point, we have no idea what these markers in only a few of the files means. These could be actual signatures that are a function of the TPM. Or it could be something random done at installation. At this point we don't know much more than that, but I thought I'd update everyone! If I've missed any info, feel free to add on.

[paulpaul]

I have heard that the developer kits do include signatures.

 

However, I am unaware that if it's only on the CD or on each file also.

 

It would seem logical to understand why Apple would do so.

[makasin]

all the DVDs are identical, just the HDs probably have some sort of security

[Mr. Bond]

Yes we know the DVD's are identical.....It's the fact that the TPCM control is most likely watermarking files with a uniqe code from each dev machine. So basically, Apple could use this to track leaks of certan files to a certain dev machine. DO we know if the signatures are simply randomnly generated bits of code, or are tied into something like an ADC ID somehow?

[rose]

if it is true that all dvds are identical [more than likely... it would be so expensive to sign eahc of them with a unique key..

 

than again macs love bein gexpensive or so i though beofre the mac mini came out and they changed over to intel.]

 

then why hasa dvd iso been so slow to leak?

 

what the helll?!

[Mr. Bond]

Simply Put....Apple Legal. And the fact that the devs who actualyl pay yearly fees for their ADC account dont want to chance that being revoked.

[Zack]

I think that this "signature" is in Mac OS X v10.4 for PPC as well. I have no idea what it's for but I have verified that on two different machines with fresh 10.4 installs from the same DVD, every Apple-installed binary has different MD5 sums from machine to machine as a result of a 6 byte, apparently random code at the start of the file.

 

I discovered this attempting to deploy a patch for the iChat binary using MD5 checksums to verify my work, only to have the checks fail every time.

 

If I were to venture a blind guess, I'd say it's a record of prebinding, perhaps a datestamp.

[Swad]

Zack -

Welcome, BTW! Well, that certainly sounds like what we're looking at. It's interesting to know that it happens in the PPC version too - it at least tells us that it's not a function of the TPM.

[NikWest]

I think the different signatures are due to the fact that executables and libs are prebound. After installing something with Installer a process is started which prebinds all newly installed binaries.

 

NikWest

[das]

There is most definitely not any signature or unique information on Mac OS X 10.4.x (PowerPC) DVDs (or CDs). They are all identical. There is no identifying information whatsoever. As you guessed, it is a result of prebinding.