There is a general perception about signing an assembly protects against hacking/modifying the code. But then there are well known way of ILDASMing to remove these signatures. I am wondering if there are anyways to protect my .net assembly against someone removing the signature? Does seem like obfuscating my code can be anyhelpful in this scenario.
views:
43answers:
2You can't stop someone from removing the signature.
Signed assemblies wasn't designed for this purpose. The system is designed to protect users of the program from running untrusted code that could harm their system. It was not designed to protect the publishers from the users modifying their code.
You can have a look at obfuscation but you should be aware that a determined enough user will still be able to reverse-engineer and modify the code.
Related:
There exist two types of signing - signing using sn.exe tool and Authenticode signing. They were designed for different purposes, but none of them is very usable in protecting your application from changes.
You need to identify possible threats and depending on them find ways to protect your assets. For most needs obfuscation of code is the only solution. It doesn't protect from all modifications, but it does protect from looking into the code and partially from some modifications.