Apple Offers Developers Info on How to Verify Integrity of Their Xcode Installation

Following last week’s reveal of the new iOS malware XcodeGhost, which was spread via an infected version of Apple’s Xcode development studio, Apple has supplied instructions for developers to ensure the integrity of the version of Xcode installed on their machines.

Apple has sent emails to developers, offering information on how to check their downloads of Xcode to make sure they are clean of malicious code. The company says that if Xcode is downloaded from the Mac App Store or the Apple Developer Center, and Gatekeeper is enabled, OS X automatically checks the app’s code signature and validates that it was signed by Apple.

Any developers who have obtained their copy of Xcode from another source (and really, show some common freaking sense, and don’t do that) should follow a set of instructions to make sure their copy is clean.

To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app

where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.

The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
/Applications/Xcode.app: accepted
source=Mac App Store

and for a version downloaded from the Apple Developer web site, the result should read either
/Applications/Xcode.app: accepted
source=Apple

or

/Applications/Xcode.app: accepted
source=Apple System

Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
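
The acceptance rule above, written as a script. This is an added example, not part of Apple's email or the original article: it runs the same spctl command and passes only when the verdict is "accepted" and the source is one of the three named values. The function names check_assessment and verify_xcode are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: apply the article's acceptance rule to spctl output.

# check_assessment APP OUTPUT
# Succeeds only if OUTPUT contains the exact line "APP: accepted" and its
# source= line is one of the three values the article names.
check_assessment() {
    app=$1
    output=$2
    printf '%s\n' "$output" | grep -Fxq -e "$app: accepted" || return 1
    src=$(printf '%s\n' "$output" | sed -n 's/^source=//p' | head -n 1)
    case $src in
        "Mac App Store"|"Apple System"|"Apple") return 0 ;;
        *) return 1 ;;   # missing or unexpected source
    esac
}

# verify_xcode [APP]
# Runs the command from the article and prints a verdict.
# Exit status: 0 = passes the rule, 1 = fails it, 2 = spctl unavailable.
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found; run this on OS X" >&2
        return 2
    fi
    # Capture both streams so the assessment text is seen wherever it is written.
    output=$(spctl --assess --verbose "$app" 2>&1)
    if check_assessment "$app" "$output"; then
        echo "OK: $app"
        return 0
    fi
    echo "FAIL: $app" >&2
    printf '%s\n' "$output" >&2
    return 1
}

# Run the real check only when a path is given on the command line.
[ "$#" -eq 0 ] || verify_xcode "$1"
```

Pass the application path as the first argument to run the live check; with no argument the script only defines the functions.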

A malicious version of Xcode had been uploaded to Chinese cloud file sharing service Baidu and downloaded by some iOS developers in China. Those developers then unknowingly compiled apps using the malicious version of Xcode, and then made those apps available on the iOS App Store.

Chinese developers commonly download new versions of Apple’s development studio from servers other than Apple’s official source, due to the large size of the app, which can take a long time to download in China.

Versions affected are unofficial versions between Xcode 6.1 and Xcode 6.4. Affected iOS devices include any device running a version of iOS that is compatible with the infected apps. This can affect any iOS device, jailbroken or not.

XcodeGhost possibly affected hundreds of apps in the iOS App Store. iOS users who want to learn more about the malware can read this MacTrast article.
