Hi
I need to be sure that my C# code is as hard as possible to decompile.
Can anyone tell what is the best tool for that job?
Also will this be a part of Visual Studio 2008?
It seems natural to me that the .net framework came with a solution so other
people could not see your source code
Torben
8  4343 
On Oct 18, 8:29 am, "Torben Laursen" <d...@not.workw rote:
I need to be sure that my C# code is as hard as possible to decompile.
Do you really, really need to? I personally believe a lot of people
are somewhat paranoid on this point. That's not to say it's always an
inappropriate concern, but it often is.
See http://pobox.com/~skeet/csharp/obfuscation.html
Can anyone tell what is the best tool for that job?
Also will this be a part of Visual Studio 2008?
It seems natural to me that the .net framework came with a solution so other
people could not see your source code
Well, there is an MS solution which is very recent (and which I
haven't looked at): http://www.microsoft.com/downloads/d...displaylang=en
Jon
"Torben Laursen" <do**@not.workw rote in message
news:98******** *************** ***********@mic rosoft.com...
Hi
I need to be sure that my C# code is as hard as possible to decompile.
Can anyone tell what is the best tool for that job?
Also will this be a part of Visual Studio 2008?
It seems natural to me that the .net framework came with a solution so
other people could not see your source code
Torben
Check out this article. http://www.codeproject.com/showcase/9rays_protect.asp
Todd
Jon,
Thanks for your feed back.
Yes I need it since I write very specialised engineering code that is sold
in a few high cost licenses.
I am looking very hard at the new solution from Microsoft to handle
licenses.
Currently I use a different solution (SentinelLM) but they have raised the
price big time so I need a replacement and I allready have a MSDN.
As fra as I can see right now my best bet is the "Gold dotfuscator" solution
from preemptive.com
Torben
"Jon Skeet [C# MVP]" <sk***@pobox.co mwrote in message
news:11******** **************@ i38g2000prf.goo glegroups.com.. .
On Oct 18, 8:29 am, "Torben Laursen" <d...@not.workw rote:
>I need to be sure that my C# code is as hard as possible to decompile.
Do you really, really need to? I personally believe a lot of people
are somewhat paranoid on this point. That's not to say it's always an
inappropriate concern, but it often is.
See http://pobox.com/~skeet/csharp/obfuscation.html
>Can anyone tell what is the best tool for that job?
Also will this be a part of Visual Studio 2008?
It seems natural to me that the .net framework came with a solution so
other
people could not see your source code
Well, there is an MS solution which is very recent (and which I
haven't looked at):
http://www.microsoft.com/downloads/d...displaylang=en
Jon
On Oct 18, 9:12 am, "Torben Laursen" <d...@not.workw rote:
Thanks for your feed back.
Yes I need it since I write very specialised engineering code that is sold
in a few high cost licenses.
And is piracy a genuine issue within this engineering community? Code
that is sold for a few high cost licences typically doesn't have much
piracy because there's usually a fair amount of communication between
the vendor and the user - that makes it easy to spot pirates.
I am looking very hard at the new solution from Microsoft to handle
licenses.
Currently I use a different solution (SentinelLM) but they have raised the
price big time so I need a replacement and I allready have a MSDN.
As fra as I can see right now my best bet is the "Gold dotfuscator" solution
from preemptive.com
Fair enough. I'd still think about the costs vs actual likelihood of
revenue loss before going too far. Don't forget that the costs are
more than just the upfront cost of the obfuscation software - anything
which effectively changes how your code executes will have
implications in build, test, and support.
Jon
Jon,
You are 100% right, and I have been thinking about this for some time.
I have a lot of contact with my customers and they are all very big
company's so piracy is a minor problem.
However the knowhow inside the code must be protected since what I implement
is public but how to implement it is the big secret.
One thing that I am not clear on is will using ngen.exe give me some
protection against decompiling?
That would be a simple solution
Torben
"Jon Skeet [C# MVP]" <sk***@pobox.co mwrote in message
news:11******** **************@ e34g2000pro.goo glegroups.com.. .
On Oct 18, 9:12 am, "Torben Laursen" <d...@not.workw rote:
>Thanks for your feed back.
Yes I need it since I write very specialised engineering code that is
sold
in a few high cost licenses.
And is piracy a genuine issue within this engineering community? Code
that is sold for a few high cost licences typically doesn't have much
piracy because there's usually a fair amount of communication between
the vendor and the user - that makes it easy to spot pirates.
>I am looking very hard at the new solution from Microsoft to handle
licenses.
Currently I use a different solution (SentinelLM) but they have raised
the
price big time so I need a replacement and I allready have a MSDN.
As fra as I can see right now my best bet is the "Gold dotfuscator"
solution
from preemptive.com
Fair enough. I'd still think about the costs vs actual likelihood of
revenue loss before going too far. Don't forget that the costs are
more than just the upfront cost of the obfuscation software - anything
which effectively changes how your code executes will have
implications in build, test, and support.
Jon
On Oct 18, 10:06 am, "Torben Laursen" <d...@not.workw rote:
You are 100% right, and I have been thinking about this for some time.
I have a lot of contact with my customers and they are all very big
company's so piracy is a minor problem.
However the knowhow inside the code must be protected since what I implement
is public but how to implement it is the big secret.
Is it a secret there is a significant risk that anyone will steal,
however? Would it be obvious if someone *had* stolen it?
One thing that I am not clear on is will using ngen.exe give me some
protection against decompiling?
No, none at all - the metadata is still included after ngen.
Is there any possibility of running the sensitive code on a server you
own, and having the non-sensitive stuff talk to the server? That way
your secret code never gets onto a system which you can't physically
protect - it's the most secure way of protecting algorithms etc.
Jon
On 18 okt, 11:06, "Torben Laursen" <d...@not.workw rote:
Jon,
You are 100% right, and I have been thinking about this for some time.
I have a lot of contact with my customers and they are all very big
company's so piracy is a minor problem.
However the knowhow inside the code must be protected since what I implement
is public but how to implement it is the big secret.
One thing that I am not clear on is will using ngen.exe give me some
protection against decompiling?
That would be a simple solution
Torben
"Jon Skeet [C# MVP]" <sk...@pobox.co mwrote in messagenews:11* *************** ******@e34g2000 pro.googlegroup s.com...
On Oct 18, 9:12 am, "Torben Laursen" <d...@not.workw rote:
Thanks for your feed back.
Yes I need it since I write very specialised engineering code that is
sold
in a few high cost licenses.
And is piracy a genuine issue within this engineering community? Code
that is sold for a few high cost licences typically doesn't have much
piracy because there's usually a fair amount of communication between
the vendor and the user - that makes it easy to spot pirates.
I am looking very hard at the new solution from Microsoft to handle
licenses.
Currently I use a different solution (SentinelLM) but they have raised
the
price big time so I need a replacement and I allready have a MSDN.
As fra as I can see right now my best bet is the "Gold dotfuscator"
solution
from preemptive.com
Fair enough. I'd still think about the costs vs actual likelihood of
revenue loss before going too far. Don't forget that the costs are
more than just the upfront cost of the obfuscation software - anything
which effectively changes how your code executes will have
implications in build, test, and support.
Jon- Tekst uit oorspronkelijk bericht niet weergeven -
- Tekst uit oorspronkelijk bericht weergeven -
Ngen will not help you, because the assembly containing the IL still
has to be deployed on the client's computer. http://www.dotfuscator.com
Yes, you definitely should make it hard for someone
to decompile your assemblies especially in the
arena you are in. It doesn't make it 100% impossible
but does make it very difficult.
Basically, you want to look at ways to minimize the
number of candidates who can decompile your code
and make that effort expensive. In b2b environment,
this will most likely be sufficient.
The dotfuscator guys have some nice tamper
protection tools.
--
Robbe Morris [Microsoft MVP - Visual C#]
..NET PropertyGrid Control - ListBox, ComboBox, and Custom Classes http://www.eggheadcafe.com/tutorials...d-control.aspx
"Torben Laursen" <do**@not.workw rote in message
news:FC******** *************** ***********@mic rosoft.com...
Jon,
You are 100% right, and I have been thinking about this for some time.
I have a lot of contact with my customers and they are all very big
company's so piracy is a minor problem.
However the knowhow inside the code must be protected since what I
implement is public but how to implement it is the big secret.
One thing that I am not clear on is will using ngen.exe give me some
protection against decompiling?
That would be a simple solution
Torben
"Jon Skeet [C# MVP]" <sk***@pobox.co mwrote in message
news:11******** **************@ e34g2000pro.goo glegroups.com.. .
>On Oct 18, 9:12 am, "Torben Laursen" <d...@not.workw rote:
>>Thanks for your feed back.
Yes I need it since I write very specialised engineering code that is
sold
in a few high cost licenses.
And is piracy a genuine issue within this engineering community? Code
that is sold for a few high cost licences typically doesn't have much
piracy because there's usually a fair amount of communication between
the vendor and the user - that makes it easy to spot pirates.
>>I am looking very hard at the new solution from Microsoft to handle
licenses.
Currently I use a different solution (SentinelLM) but they have raised
the
price big time so I need a replacement and I allready have a MSDN.
As fra as I can see right now my best bet is the "Gold dotfuscator"
solution
from preemptive.com
Fair enough. I'd still think about the costs vs actual likelihood of
revenue loss before going too far. Don't forget that the costs are
more than just the upfront cost of the obfuscation software - anything
which effectively changes how your code executes will have
implications in build, test, and support.
Jon
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Deano |
last post by:
Just wondering if there is a tool or method that will allow me to compare
the state of my database before and after I decompile it.
The last time I decompiled a few fields lost default values and some event
code wasn't firing anymore. I know that sounds unusual but this was
definitely the case.
I would like to decompile again but am reluctant to do so if it causes any
more problems. I would like to test what the decompile does to my...
|
by: Gaz |
last post by:
....and recompiling it again
Hi all,
I've got an Assembly DLL and associated .NetModules and want to amend
a function in one of the .NetModules
I've used ILDASM to decompile the .NetModules into IL so I can modify
the code but am having trouble trying to compile up the .NetModule and
effectively renew the Assembly.
|
by: Tony Maresca |
last post by:
Hi. I have a class derived from a UserControl,
that I want to allow others to derive controls
from. I don't want them to design the base
class (which is derived from a UserControl).
I know that I can prevent the control from being
designed by making it not the first class in the
code file, but is there another more 'official' way
to do this via attributes.
|
by: techfuzz |
last post by:
I scoured this group and others looking for the best way to disable a
button after the first click to prevent multiple submissions, but
never did find anything that worked like they said it would. I went
ahead and wrote my own bit of code so I'm sharing it here for
everyone. Even though it doesn't really disable the button by greying
it out, it prevents the multiple submissions which it what I was
attempting to prevent all along. ...
|
by: Diogo Alves - Software Developer |
last post by:
I found a few days ago that was possible to decompile any program developed
in C#
That is a huge failure.... It's not aceptable that a company that pays a lot
for visual studio and pays to the employees to develop new product, and then
all the code is exposed....
I found that the decompilers are pretty good, and have options like
deObfuscate....
| | |
by: MLH |
last post by:
Can decompiling an A97 mdb result in fixing minor nasties that may be
responsible for some premature terminations of A97 (We are sorry. MS
Access 97 needs to close.... messages). I've found the following
recommendation and was wondering if any of you have used the
technique and why you did?
To decompile start Access with the /decompile switch. To do this from
windows do a Start, Run and then where it asks for the name of the
program to...
|
by: --== Alain ==-- |
last post by:
Hi,
Using the .NET reflector tool, i know that a DLL or EXE developed in
..NET platform can be decompiled and therefore code is available for all.
I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?
thanks a lot,
|
by: Dutt |
last post by:
Do you know that .NET Compiled code can be revert back to C# and
VB.NET Source code. Yes it is possible by using decompiler we can get
the original source code, then what about security. We can use .NET
Obfuscation using dotfuscator for source code protection ...
http://msdotnetsupport.blogspot.com/2008/02/net-obfuscation-using-dotfuscator-for.html
|
by: Grant |
last post by:
I've seen a couple of articles on the internet that VB.NET applications
can be decompiled very easy. For those who have had experience with
this, is it true? What steps can be taken to avoid this? I am using
VB.NET Express but am willing to buy something (within reason) to
prevent easy decompiling. Any suggestions are much appreciated.
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
