Remove From My Forums

Security - Securing Data and Apps from Unauthorized Disclosure and Use

General discussion
1

Sign in to vote

Data is only as secure as the apps that process it, and even production apps can expose their data to a debugger. Joe Sewell explains how tooling included with Visual Studio can make your .NET apps detect, report and respond to unauthorized debugging and other runtime attacks.

Read this article in the November 2017 issue of MSDN Magazine

Wednesday, November 1, 2017 8:55 PM

All replies

0

Sign in to vote

What keeps an attacker from removing all tamper checks? Is adding several checks just increasing the difficulty of finding them all, or can you make it impossible to tamper with the binary without being able to notice?
Bob - www.ContrivedExample.com

Thursday, December 21, 2017 9:26 PM
0

Sign in to vote
Hi, Bob. Thanks for the question.

Yes, adding additional Checks increases the difficulty for an attacker to find them all and bypass the tamper detection and response. In principle, it's not possible to make the app "impossible" to tamper, but using Checks with other controls (like access control, Authenticode signing, and code obfuscation) can make it practically infeasible.

Joe Sewell jsewell@preemptive.com

Software Engineer & Technical Writer

PreEmptive Solutions
- Edited by Joe Sewell Friday, December 22, 2017 1:56 AM signature
Friday, December 22, 2017 1:55 AM
0

Sign in to vote

Thank you for the quick reply. Another question, I assume none of these checks can be enforced if the user can acquire a memory dump instead of attaching to a process? And the usual defense in-depth strategies still apply.
Bob - www.ContrivedExample.com

Saturday, December 23, 2017 4:46 PM
0

Sign in to vote

Yes, that's correct.
Joe Sewell
jsewell@preemptive.com
Software Engineer & Technical Writer
PreEmptive Solutions

Tuesday, January 2, 2018 4:39 PM