• hemmes@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      28
      arrow-down
      1
      ·
      1 month ago

      Neither the MacTrast nor the original 9to5 article discusses the security behind Apple’s iOS implementation. But we know all firmware packages are signed and I would imagine this would be no different, with the recovery partition OS performing a check of the signature.

    • WolfLink@sh.itjust.works
      link
      fedilink
      arrow-up
      21
      arrow-down
      2
      ·
      1 month ago

      I’m sure Apple over-engineered the security of this to prevent this from becoming a vector for jailbreaking.

      As a nice side effect, I would trust it.

      Plus the people you would get firmware from like this would be your family/friends/coworkers or maybe an Apple Store employee if you really don’t know anyone else with an iPhone.

    • Telodzrum@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      1 month ago

      I assume it’s signed by Apple, so yes it’s safe. No, you don’t ever want to have to do this.

    • Ptsf@lemmy.world
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      edit-2
      1 month ago

      A pre-registered checksum will ensure that the downloaded file is what it says it is before running. So yes, it is safe. Unless you’ve found a collision in the checksum algorithm apple is using, although the chances are better that you’ll squeeze water out of dry desert sand.

      (Edit: To those thinking they’ll rely on just code signing for this, you’re likely way off base.)