By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,911 Members | 1,137 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,911 IT Pros & Developers. It's quick & easy.

Assembly Signing

P: n/a
bob
Hello,
I thought assembly signing might add protection against people reverse
engineering my program, removing the protection and using it
illegally.

But it seems they can just stop the clr from authenticating it with Sn
-Vr.

Is that true, or have I misunderstood?

Cheers,

Bob
Nov 16 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
bob <bo**********@hotmail.com> wrote:
I thought assembly signing might add protection against people reverse
engineering my program, removing the protection and using it
illegally.
Nope.
But it seems they can just stop the clr from authenticating it with Sn
-Vr.

Is that true, or have I misunderstood?


Well, more than that - they can just remove the protection and
recompile without bothering with strong-name authentication at all.
Only things which actually care about using the signature of the
assembly would notice the difference.

--
Jon Skeet - <sk***@pobox.com>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
Nov 16 '05 #2

P: n/a
Signing lets you provide your users with a guarantee that the assembly
originated from you. When you're downloading code from the Internet or an
untrusted medium, you want to ensure that the DLL is what it says it is, and
isn't some spyware application.

If you modify the assembly, the signature will no longer be valid because
the checksum has changed.

If you choose not to authenticate then that's up to you: it's there for
people who want to ensure the source of the assembly.

Assembly signing doesn't encrypt the bytecode or make it difficult to
decompile, you want something like an obfuscator to do that.

--
John Wood
EMail: first name, dot, second name at priorganize.com
"bob" <bo**********@hotmail.com> wrote in message
news:b0**************************@posting.google.c om...
Hello,
I thought assembly signing might add protection against people reverse
engineering my program, removing the protection and using it
illegally.

But it seems they can just stop the clr from authenticating it with Sn
-Vr.

Is that true, or have I misunderstood?

Cheers,

Bob

Nov 16 '05 #3

P: n/a
SN will allow you to protect your assembly so no one can
reference your assembly and then start calling methods.
They can only call your methods if you supply them with
your public key.

There is no way you can protect your assembly from
someone decompiling your code. This is because the CLR
needs to understand your code so it can run it (that's
how .NET is designed). You can use tools such as
Dotfuscator Community Edition which allows you to rename
functions and variables which makes it difficult for
someone to understand what your code is doing.

Hope this helps,
-----Original Message-----
Hello,
I thought assembly signing might add protection against people reverseengineering my program, removing the protection and using itillegally.

But it seems they can just stop the clr from authenticating it with Sn-Vr.

Is that true, or have I misunderstood?

Cheers,

Bob
.

Nov 16 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.