I'm surprised how this discussion turns out: didn't expect those bits to be controversial at all, and sibling comments make it sound like it's almost better to not have access to sources.
> What was the last time you inspected any command or application you executed on your computer?
A few months ago, and didn't run new code from untrusted sources since.
> How would you spot malicious code? Are you a security expert who has knowledge of all of the programming languages that have been used to write the apps you are running?
So far I haven't run into languages I can't read. Spotting malicious code could indeed be tricky: a subtle but critical vulnerability would easily evade quick skimming, just as malware is still possible even when it comes from a somewhat trusted source. But I'm more certain that a program does what it says it does after skimming its code.
> Apple and many companies have a trivial way of spotting malicious applications by simply checksumming the executables.
That's how basic antiviruses work, not specific to Apple. They have to first add that checksum into a database, which isn't viable when we're talking about a small hardware manufacturer shipping their custom software to dozens of clients.