-
Posts
-
By sphbecker · Posted
I honestly think WSL is one of the coolest things about Windows. The fact that you can type one command and now your computer also runs Linux, without any VM or OS setup is impressive. Yes, it is a VM under the covers, but what is impressive is how seamless and simple it all is. -
By +Good Bot, Bad Bot · Posted
You still shouldn’t want a WhatsApp account. You made it this long why would you need one now? -
By ad47uk · Posted
Zen is based on Firefox anbd don't have any A.I at all -
By ad47uk · Posted
I don't use Edge, I don't even use Windows these days as my main driver. Mac these days I use and Zen browser -
By Karthik Mudaliar · Posted
Apple releases iOS 26.5.2 with dozens of security fixes for iPhone by Karthik Mudaliar Apple has released iOS 26.5.2 and iPadOS 26.5.2, which are security-only updates for the iPhone and the iPad. The update brings a bunch of security fixes for WebKit, WebRTC, WebKit Storage, WebKit Canvas, Web Extensions, libxslt, IOGPUFamily, and even the kernel. Some of the WebKit issues that were fixed could have allowed malicious web content to disclose sensitive user information, exfiltrate cross-origin data, crash Safari, or process restricted web content outside the browser sandbox. One notable WebKit Storage bug could let a malicious website to silently hijack clipboard data, according to Apple’s description. Other WebKit-related flaws involved memory corruption, use-after-free bugs, type confusion, out-of-bounds writes, permissions problems, and cross-origin data handling issues. The update also includes three kernel-related fixes. Apple says one of the flaws could let an app write kernel memory or cause unexpected system termination, while another may leak sensitive kernel state, and a third could corrupt kernel memory or terminate the system unexpectedly. Although Apple hasn't described them as remote web attacks, kernel bugs are still important to fix, as they can sometimes be chained with other flaws to escape app or browser restrictions. The updates are available for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later. Similar security fixes also came with the latest update to macOS Tahoe 26.5.2, which Apple released on the same day. That overlap is not surprising, since Safari, WebKit, WebRTC, and other underlying components are shared across Apple’s platforms. Users are advised to update their devices sooner rather than later as these security fixes are crucial. iOS 26.5.2 can be installed from Settings > General > Software Update. Similarly, Mac users can find macOS Tahoe 26.5.2 through System Settings > General > Software Update.
-
-
Recent Achievements
-
NovaEdgeX earned a badge
Reacting Well
-
NovaEdgeX earned a badge
Week One Done
-
BA the Curmudgeon earned a badge
One Year In
-
rosiecharles earned a badge
Conversation Starter
-
KMilenkoski1202 earned a badge
First Post
-
-
Popular Contributors
-
Tell a friend
.thumb.png.b7089ebbdf00d96b3b92dddbd04bac02.png)
Question
firey
So, for work I am developing an entire framework completely written in C#, though with the way it is written, I support the loading of DLLs written in any .NET 4 language (VB.Net, C++.Net, etc). The way it is written would be similar to Android, or iOS in such that people (customers) can create their own modules (dlls) and publish them in a market, download modules, etc, etc.
The way it is written is that I have a framework of DLLs which hold 90% of the functions, loading addons, network connection clsses, basically things that modules can have access to without having to re-write an entire class to support it each time. This also allows for me to update 1 DLL and have the change reflect on all modules that reference it.
There is then a base program which generates instances of classes, and provides the graphical interface for modules to be loaded into. What I want to do, is more or less verify the framework DLL's and verify the modules that I have written, as I include an Author as part of the module, I need to ensure that the Author is who the program says it is. Modules are fully controlled by the server so I am not worried about copying DLL files, though I would like to add in some form of protection to them. I am considering having random bytes throughout the DLL hold parts of the registered serial when the module is downloaded from the server.
So, in essence my question is two parts, I have searched on google but couldn't find anything related to what I want.
Part 1. A way to read a digital signature on the framework DLL files to validate the Authenticity of them, if this is not possible, then lump it with part 2.
Part 2. A way to protect / link DLLs to a specific registered copy of the core program. As the modules themselves aren't licensed, I need to figure out a way to sign them (however I would need a way to check the signature programatically), or have them be checked for
a) Validity
b) The core they are linked to when downloaded (to prevent copying). As I say it is server controlled, but cut the internet connection and there is no way to validate. Due to the nature of the market this is for, not everyone has an active internet connection, and those that do can be veyr tightly controlled, so a pure internet requirement is not possible.
Link to comment
https://www.neowin.net/forum/topic/1060826-c-file-digital-signaturesverification/Share on other sites
0 answers to this question
Recommended Posts