Security - Securing Data and Apps from Unauthorized Disclosure and Use RRS feed

  • General discussion

  • Data is only as secure as the apps that process it, and even production apps can expose their data to a debugger. Joe Sewell explains how tooling included with Visual Studio can make your .NET apps detect, report and respond to unauthorized debugging and other runtime attacks.

    Read this article in the November 2017 issue of MSDN Magazine

    Wednesday, November 1, 2017 8:55 PM

All replies

  • What keeps an attacker from removing all tamper checks? Is adding several checks just increasing the difficulty of finding them all, or can you make it impossible to tamper with the binary without being able to notice?

    Bob - www.ContrivedExample.com

    Thursday, December 21, 2017 9:26 PM
  • Hi, Bob. Thanks for the question.

    Yes, adding additional Checks increases the difficulty for an attacker to find them all and bypass the tamper detection and response. In principle, it's not possible to make the app "impossible" to tamper, but using Checks with other controls (like access control, Authenticode signing, and code obfuscation) can make it practically infeasible.

    Joe Sewell jsewell@preemptive.com

    Software Engineer & Technical Writer

    PreEmptive Solutions

    • Edited by Joe Sewell Friday, December 22, 2017 1:56 AM signature
    Friday, December 22, 2017 1:55 AM
  • Thank you for the quick reply. Another question, I assume none of these checks can be enforced if the user can acquire a memory dump instead of attaching to a process? And the usual defense in-depth strategies still apply.

    Bob - www.ContrivedExample.com

    Saturday, December 23, 2017 4:46 PM
  • Yes, that's correct.

    Joe Sewell
    Software Engineer & Technical Writer
    PreEmptive Solutions

    Tuesday, January 2, 2018 4:39 PM