Re: Code Signing And Hacking
From: Nicole Calinoiu (calinoiu)
Date: 10/15/04
- Next message: Nicole Calinoiu: "Re: Security problem when dynamically creating directories"
- Previous message: Eugene Mayevski: "Re: Code Signing And Hacking"
- In reply to: Vivek: "Code Signing And Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 15 Oct 2004 07:22:13 -0400
Vivek,
If you are referring to strong name signing, the compact framework offers
the same protections against post-signing modifications as does the full
framework. If you are referring to Authenticode signing, the signature will
not be present on the executable rebuilt from IL, so it becomes essentially
irrelevant. That said, Authenticode signatures are not used by any version
of the .NET framework for anti-tampering prevention anyway, so the only
effect will be on trust levels that might be based on the assembly evidence.
HTH,
Nicole
"Vivek" <v_mangal@hotmail.com> wrote in message
news:ezIj5ahsEHA.2560@tk2msftngp13.phx.gbl...
> Folks,
> I have a simple question about how CompactFramework Runtime handles Code
> Signing and hacking. My scenario is that i have a signed assembly. A
> hacker ILDasm it, changes something, and recompile it back to executable.
>
> 1. Is it possible to Recompile back into executable (since the original
> one was signed) and the hacker dont have a certificate?
> 2. If (1) is true, then would runtime detect that it has been hacked?
>
> Thanks
> Vivek
>
- Next message: Nicole Calinoiu: "Re: Security problem when dynamically creating directories"
- Previous message: Eugene Mayevski: "Re: Code Signing And Hacking"
- In reply to: Vivek: "Code Signing And Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
