ASP.NET 2005 hack-proof?

It works the same. You should use an obfuscator on .Net 2 exes and dlls,
just like on 1.x.
"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

I know ASP.NET 1.x generated dll's which decompilable to plain c or vb
(afaik, i never used 2003)

Is this problem solved in 2005?
We ever want to distribute 2005 compiled code.
And it seems all like ordinary dll's at first.
Is the code i wrote retrievable?

Thanks!

PS, this is not a discussion about decompiling to win32 assembly code.

Anyone having such a tool?
The tools i found on internet are extremely expensive!

That dodo from Xenocode must be insane $2000 USD.
Their trial also connects through internet.
Wonder if this is not so when i purchase such a tool.
(Maybe the $99 version)


"Jon" <ru******@msn.c om> schreef in bericht
news:OX******** ******@TK2MSFTN GP11.phx.gbl...

It works the same. You should use an obfuscator on .Net 2 exes and dlls,
just like on 1.x.
"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

I know ASP.NET 1.x generated dll's which decompilable to plain c or vb
(afaik, i never used 2003)

Is this problem solved in 2005?
We ever want to distribute 2005 compiled code.
And it seems all like ordinary dll's at first.
Is the code i wrote retrievable?

Thanks!

PS, this is not a discussion about decompiling to win32 assembly code.

How much difference does that make? Is source still retrievable? I mean are
we getting a false sense of security?

Thanks

Regards

"Jon" <ru******@msn.c om> wrote in message
news:OX******** ******@TK2MSFTN GP11.phx.gbl...

It works the same. You should use an obfuscator on .Net 2 exes and dlls,
just like on 1.x.
"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

I know ASP.NET 1.x generated dll's which decompilable to plain c or vb
(afaik, i never used 2003)

Is this problem solved in 2005?
We ever want to distribute 2005 compiled code.
And it seems all like ordinary dll's at first.
Is the code i wrote retrievable?

Thanks!

PS, this is not a discussion about decompiling to win32 assembly code.

"John" <Jo**@nospam.in fovis.co.uk> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..

How much difference does that make?
It will deter the casual decompiler, nothing more.
Is source still retrievable?
Yes, given enough time and resource...
I mean are we getting a false sense of security?

It largely depends. A skilled and determined car thief will be able to steal
your car no matter how carefully you lock it...

You could also try the Obfuscator included with VS 2005.

Juan T. Llibre
ASP.NET.FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
=============== =============== ========

"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

Anyone having such a tool?
The tools i found on internet are extremely expensive!

That dodo from Xenocode must be insane $2000 USD.
Their trial also connects through internet.
Wonder if this is not so when i purchase such a tool.
(Maybe the $99 version) "Jon" <ru******@msn.c om> schreef in bericht news:OX******** ******@TK2MSFTN GP11.phx.gbl...

It works the same. You should use an obfuscator on .Net 2 exes and dlls, just like on 1.x.
"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

I know ASP.NET 1.x generated dll's which decompilable to plain c or vb (afaik, i never used 2003)

Is this problem solved in 2005?
We ever want to distribute 2005 compiled code.
And it seems all like ordinary dll's at first.
Is the code i wrote retrievable?

Thanks!

PS, this is not a discussion about decompiling to win32 assembly code.

Comparing of apples and oranges..?
"Mark Rae" <ma**@mark-N-O-S-P-A-M-rae.co.uk> schreef in bericht
news:ua******** ******@tk2msftn gp13.phx.gbl...

"John" <Jo**@nospam.in fovis.co.uk> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..

How much difference does that make?

It will deter the casual decompiler, nothing more.

Is source still retrievable?

Yes, given enough time and resource...

I mean are we getting a false sense of security?

It largely depends. A skilled and determined car thief will be able to
steal your car no matter how carefully you lock it...

> Comparing of apples and oranges..?

Not at all.

Obfuscation is not fool-proof once the DLL is obtained. In fact, nothing is.
Decompilation is always possible. If the computer can read the DLL, so can a
decompiler.

Earlier, John asked if "we [are] all getting a false sense of security." I
would argue that we are all getting a false sense of INsecurity. In fact,
obfuscation should not be necessary at all. If anyone other than the author
can get to the DLLs on the server file system, there is already a huge hole
in the security for that system.

Software thievery is exactly like "real-life" thievery. It is the illegal
acquisition of another person's property. And just as in "real-life"
thievery, there are levels of expertise in the thievery realm. There are
shoplifters, and there are safe-crackers. And software should be protected
in the same way that "real-life" property should be protected, according to
its value, because the higher the level of protection you wish to employ,
the more it will cost you. Nobody has yet robbed Fort Knox. but in 1936 it
cost over a half-million dollars to build the gold depository vault, and the
Fort has an annual budget of over 12 million dollars. Obviously, you don't
want to spend that much money to protect your wallet.

So, the amount of trouble, time, and expense to protect intellectual
property should be proportional to the value of the property. And again, if
a hacker can break into the file system of the web server, obfuscation isn't
any solution at all. Fixing the security hole in the web server is the
solution.

--
HTH,

Kevin Spencer
Microsoft MVP
..Net Developer
You can lead a fish to a bicycle,
but you can't make it stink.

"Edwin Knoppert" <ne**@hellobasi c.com> wrote in message
news:43******** **************@ text.nova.plane t.nl...

Comparing of apples and oranges..?
"Mark Rae" <ma**@mark-N-O-S-P-A-M-rae.co.uk> schreef in bericht
news:ua******** ******@tk2msftn gp13.phx.gbl...

"John" <Jo**@nospam.in fovis.co.uk> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..

How much difference does that make?

It will deter the casual decompiler, nothing more.

Is source still retrievable?

Yes, given enough time and resource...

I mean are we getting a false sense of security?

It largely depends. A skilled and determined car thief will be able to
steal your car no matter how carefully you lock it...

Edwin Knoppert wrote:

"Mark Rae" <ma**@mark-N-O-S-P-A-M-rae.co.uk> schreef in bericht
news:ua******** ******@tk2msftn gp13.phx.gbl...

"John" <Jo**@nospam.in fovis.co.uk> wrote in message
news:%2****** **********@tk2m sftngp13.phx.gb l...

How much difference does that make?It will deter the casual decompiler, nothing more.

I mean are we getting a false sense of security?

It largely depends. A skilled and determined car thief will be able to
steal your car no matter how carefully you lock it...

Comparing of apples and oranges..?

Why not? It's all fruit :oD

re:

Comparing of apples and oranges..?

Why not? It's all fruit :oD

It's easy to tell it's, finally, Friday!

Juan T. Llibre
ASP.NET.FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
=============== =============== ========