Of course, it remains to be seen if this software uses them. And, you would need access to the key pair used to sign the XML or JSON to determine if the file had been modified (otherwise, someone could just regenerate the signature).
I mean, the software itself, if it has the ability to produce those signatures, may have an import feature for files that don't include those signatures, or an override to import them, or a feature to sign unsigned versions.
I spent a lot of years doing statistical analysis using Excel and other tools. I could alter thousands of lines of data in seconds to completely change the outcome.
Fact: could teach my 2 year old to alter any of those.
Im no programmer but even I know these can be changed in notepad 🙄
They can, but the specs for both XML and JSON include provisions for a digital signature. I posted links here:
https://thedonald.win/p/11QlFgNFTh/x/c/4DpMxRUuNxG
Of course, it remains to be seen if this software uses them. And, you would need access to the key pair used to sign the XML or JSON to determine if the file had been modified (otherwise, someone could just regenerate the signature).
I mean, the software itself, if it has the ability to produce those signatures, may have an import feature for files that don't include those signatures, or an override to import them, or a feature to sign unsigned versions.
I spent a lot of years doing statistical analysis using Excel and other tools. I could alter thousands of lines of data in seconds to completely change the outcome.