Wednesday, November 24, 2004

No, Strong Names are NOT for code security :-(

Well, finally it seems to have dawned upon me that the .Net strong names are not really meant to secure your code. The last nail in the coffin was the revelation that one can easily tamper an assembly header to disable the strong name verification - without even removing the strong name! This effectively defeats the case of using strong names for cross referencing of assemblies based on strong names.

Read this thread:
Signed assemblies easily cracked?

Спасибо Valery and Danke Frank!

1 comment:

Anonymous said...

Cool! I really liked that "спасибо" to me :) and I'm really glad to hear that you appreciated my input on the issue, thanks :)