Got asked these elsewhere so will publish here for reference… Why does encryption matter on DMG if we have HTTPS and signed (notarised) application binaries? - Encryption at rest Encryption protects the contents of the DMG while it is stored on a server, user’s machine, or any other medium. If the storage medium is compromised or accessed without authorisation, the encrypted DMG ensures that the data within it remains secure and unreadable.

串文

2024-06-26 12:23

讚

回覆

轉發

作者

macrike

粉絲

串文

232+

讚

回覆

轉發

24小時粉絲增長

無資料

互動率

(讚 + 回覆 + 轉發) / 粉絲數

NaN%

回覆 (BETA)

最先回覆的內容
發文後	用戶	內容
幾秒內	macrike	- Multi-layered defence Security best practices advocate for multiple layers of defense. While HTTPS protects data in transit and notarisation ensures integrity and authenticity of the app, encryption provides another layer of security for the data at rest. This approach reduces the risk of a single point of failure. - Sensitive info If the DMG contains sensitive info (e.g., proprietary SW, config files, or user data), encryption ensures that this info is protected against unauthorised access.