What protection does the /INTEGRITYCHECK MSVC linker option offer, if a malicious file without it can simply be substituted for the authentic file?

The /INTEGRITYCHECK linker option sets a flag that "tells the memory manager to check for a digital signature in order to load the image in Windows". So the general idea is that this ensures the binary is signed by a legitimate,… Continue reading What protection does the /INTEGRITYCHECK MSVC linker option offer, if a malicious file without it can simply be substituted for the authentic file?

My web application needs to have my users’ private keys to sign documents on their behalf. How do I handle that?

Our web application issues governmental documents for our users. Every one of those documents needs to be signed with a private key. However, because our users find it cumbersome to point their browser to their key file every time they wan… Continue reading My web application needs to have my users’ private keys to sign documents on their behalf. How do I handle that?