> Comparing of apples and oranges..?
Not at all.
Obfuscation is not fool-proof once the DLL is obtained. In fact, nothing is.
Decompilation is always possible. If the computer can read the DLL, so can a
decompiler.
Earlier, John asked if "we [are] all getting a false sense of security." I
would argue that we are all getting a false sense of INsecurity. In fact,
obfuscation should not be necessary at all. If anyone other than the author
can get to the DLLs on the server file system, there is already a huge hole
in the security for that system.
Software thievery is exactly like "real-life" thievery. It is the illegal
acquisition of another person's property. And just as in "real-life"
thievery, there are levels of expertise in the thievery realm. There are
shoplifters, and there are safe-crackers. And software should be protected
in the same way that "real-life" property should be protected, according to
its value, because the higher the level of protection you wish to employ,
the more it will cost you. Nobody has yet robbed Fort Knox. but in 1936 it
cost over a half-million dollars to build the gold depository vault, and the
Fort has an annual budget of over 12 million dollars. Obviously, you don't
want to spend that much money to protect your wallet.
So, the amount of trouble, time, and expense to protect intellectual
property should be proportional to the value of the property. And again, if
a hacker can break into the file system of the web server, obfuscation isn't
any solution at all. Fixing the security hole in the web server is the
solution.
--
HTH,
Kevin Spencer
Microsoft MVP
..Net Developer
You can lead a fish to a bicycle,
but you can't make it stink.
"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...
Comparing of apples and oranges..?
"Mark Rae" <ma**@mark-N-O-S-P-A-M-rae.co.uk> schreef in bericht
news:ua******** ******@tk2msftn gp13.phx.gbl... "John" <Jo**@nospam.in fovis.co.uk> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
How much difference does that make?
It will deter the casual decompiler, nothing more.
Is source still retrievable?
Yes, given enough time and resource...
I mean are we getting a false sense of security?
It largely depends. A skilled and determined car thief will be able to
steal your car no matter how carefully you lock it...