views: 84
answers: 2

I purchased a code signing certificate and all looks well. When tested inside a clean Virtual PC OS I no longer get the "The Publisher could not be verified" message.

So just for grins, using a hex editor, I changed a few constants in the VB6 exe which I see on a form. And the VB6 exe still runs without any error message.

I thought the code signing certificate would tell you if the file had been changed in any way?

+1  A: 

Yes, Authenticode will indicate that the signature is invalid if the file is modified.

However, running a program from your local disk won't typically check the signature; right-click on the EXE, choose Properties and choose Digital Signatures to see a signature error message.

EricLaw -MSFT-
Yes, that worked. Interesting. However what concerns me is the screen displayed when the exe has been tampered with. It states "The publisher could not be verified" and is identical to the regular message received when the exe hasn't been signed at all. This concerns me as a tampered exe should have a much bolder message stating "tampered". As well as sirens going off and a blinking/rotating red light.
Tony Toews
Also the message displayed when I did choose Digital Signatures on my own system was quite boring. All it said was something like invalid digital certificate with a tiny red X.
Tony Toews
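An added example (not part of the answer or comments above) that reproduces the experiment from the question and makes the verdict visible without the Properties dialog. It assumes a signed binary at the placeholder path in `$Signed`; everything else uses built-in PowerShell cmdlets. Verifying the untouched file returns `Valid`, and after one byte is flipped in a copy the same check returns `HashMismatch`, which is the "tampered" signal the operating system shows only when something explicitly asks for it.

```powershell
# Added example, not from the original post: verify an Authenticode signature
# explicitly, then show that flipping a single byte in a copy changes the
# verdict to HashMismatch. $Signed is a placeholder path, not a real file.
$Signed   = 'C:\Release\MyApp.exe'                 # placeholder: any Authenticode-signed PE
$Tampered = Join-Path $env:TEMP 'MyApp-tampered.exe'

# 1. Verify the untouched binary. Status is one of Valid, NotSigned,
#    HashMismatch, NotTrusted, UnknownError or Incompatible.
$before = Get-AuthenticodeSignature -FilePath $Signed
'{0}: {1} ({2})' -f $Signed, $before.Status, $before.SignerCertificate.Subject

# 2. Copy the file and overwrite one byte in the middle of it.
#    Authenticode hashes the whole image except the header checksum field,
#    the security-directory entry and the signature blob itself, so changing
#    a constant in a code or data section invalidates the stored hash.
Copy-Item -Path $Signed -Destination $Tampered -Force
$bytes  = [System.IO.File]::ReadAllBytes($Tampered)
$offset = [int]($bytes.Length / 2)
$bytes[$offset] = $bytes[$offset] -bxor 0xFF
[System.IO.File]::WriteAllBytes($Tampered, $bytes)

# 3. Verify the copy. Launching it would run without complaint, as the
#    question observed; asking for the signature reports the mismatch.
$after = Get-AuthenticodeSignature -FilePath $Tampered
'{0}: {1}' -f $Tampered, $after.Status

# 4. Gate on the result the way an installer or update script should:
#    anything other than Valid is treated as untrusted.
if ($after.Status -ne 'Valid') {
    Write-Warning ("Refusing to trust {0}: {1} - {2}" -f $Tampered, $after.Status, $after.StatusMessage)
}
```

The same check is available from the Windows SDK as `signtool verify /pa /v <file>`, which prints a non-zero exit code and a hash-mismatch error for the modified copy; either form belongs in the step that decides whether to install or run a file, since, as the answer notes, ordinary execution from local disk does not perform it.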
+1  A: 

If an evildoer can gain enough access to your machine to change bytes in a file then you are already pwned. The signature is there mainly to verify files before you install them. You could of course write your own program to scan your files and recheck their signatures for trust, but the evildoer would just change the bytes in your scanner as well.

Jim In Texas