OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will
prevent this?
Why isn't this tool automatically executed by default whenever I build
my apps?
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
Thanks. 10  3642 
Darren,
Yes, you are correct, .NET code can easily be dissasembled.. In fact, VS.NET
comes with a tool called ILDasm..
This is not the real issue however, as any language can be dissasembled. So
really, no code is really safe..
Even code that has been run through an Obfuscator can be dissasembled, it's
just that the Variable Names, Propertie Names, Method Names, Class Names and
the like get renamed (this is a very basic example) but the code still has to
function. In .NET, that means the code is IL, from C++ is machine code, but
it is still structured code.
Having said all this, I think the real solution to protecting your code is
through legal measures, such as Licences, IP laws etc...
That's the way I see the world... Sorry if it's not what you wanted to hear.
Cheers
Eddie de Bear
"Darren" wrote: OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will
prevent this?
Why isn't this tool automatically executed by default whenever I build
my apps?
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
Thanks.
Well, anything that can be done, can be undone.
dotNet code can be disassembled, like any other code, including C++.
It just so happens that IL (Intermediate Language) style languages like
dotNet are easier to both compile and disassemble. However, this is not a
dotNet flaw per se.
Java is also an IL type language and can be easily disassembled.
If someone disassembles your application, they don't necessarily get source
code. They get the IL that the source code compiled to. From this, if they
are very persistent, they could possibly reproduce the behaviour of your
application.
The Dotfuscator or (obfuscator) just dinks around with things to make it
more confusing to the person looking at the IL in hopes they will just give
up. However, if someone is persistent enough, they can still figure things
out. They can do this with C++, or even Assembly. NO application is immune
to this, no matter what platform or language.
All the pricey big name applications you see for "free" running around the
internet that have been cracked, are generally not due to lack of trying on
the developer's part. There are some very smart, crafty, persistent, and
sadly shady people out there that do this sort of thing. So if it is really
important to you and you think your application may be a target for these
type of people, then do what you can to make it difficult. But don't blame
the language or compiler, they all are vulnerable.
Gerald
"Darren" <wa********@hotmail.com> wrote in message
news:cd**************************@posting.google.c om... OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will
prevent this?
Why isn't this tool automatically executed by default whenever I build
my apps?
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
Thanks.
is it possible to apply commercial protection to .net assemblies? eg:
securom, safedisc, starforce? ...yes these can be cracked and have been
cracked but very few people can and very few people will bother trying to
crack.
"Gerald Hernandez" wrote: Well, anything that can be done, can be undone.
dotNet code can be disassembled, like any other code, including C++.
It just so happens that IL (Intermediate Language) style languages like
dotNet are easier to both compile and disassemble. However, this is not a
dotNet flaw per se.
Java is also an IL type language and can be easily disassembled.
If someone disassembles your application, they don't necessarily get source
code. They get the IL that the source code compiled to. From this, if they
are very persistent, they could possibly reproduce the behaviour of your
application.
The Dotfuscator or (obfuscator) just dinks around with things to make it
more confusing to the person looking at the IL in hopes they will just give
up. However, if someone is persistent enough, they can still figure things
out. They can do this with C++, or even Assembly. NO application is immune
to this, no matter what platform or language.
All the pricey big name applications you see for "free" running around the
internet that have been cracked, are generally not due to lack of trying on
the developer's part. There are some very smart, crafty, persistent, and
sadly shady people out there that do this sort of thing. So if it is really
important to you and you think your application may be a target for these
type of people, then do what you can to make it difficult. But don't blame
the language or compiler, they all are vulnerable.
Gerald
"Darren" <wa********@hotmail.com> wrote in message
news:cd**************************@posting.google.c om... OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will
prevent this?
Why isn't this tool automatically executed by default whenever I build
my apps?
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
Thanks.
I have not researched this in any detail yet for dotNet, so cannot speak
with real authority.
However, I do know that many if not most of those types of applications do
not currently work with dotNet.
But most of these and more are actively developing versions that should work
with dotNet.
The only one of those listed that seems to mention anything specific about
dotNet is Securom. They anticipate dotNet support sometime next year.
Gerald
"savage" <sa****@discussions.microsoft.com> wrote in message
news:22**********************************@microsof t.com... is it possible to apply commercial protection to .net assemblies? eg:
securom, safedisc, starforce? ...yes these can be cracked and have been
cracked but very few people can and very few people will bother trying to
crack.
"Gerald Hernandez" wrote:
Well, anything that can be done, can be undone.
dotNet code can be disassembled, like any other code, including C++.
It just so happens that IL (Intermediate Language) style languages like
dotNet are easier to both compile and disassemble. However, this is not
a dotNet flaw per se.
Java is also an IL type language and can be easily disassembled.
If someone disassembles your application, they don't necessarily get
source code. They get the IL that the source code compiled to. From this, if
they are very persistent, they could possibly reproduce the behaviour of your
application.
The Dotfuscator or (obfuscator) just dinks around with things to make it
more confusing to the person looking at the IL in hopes they will just
give up. However, if someone is persistent enough, they can still figure
things out. They can do this with C++, or even Assembly. NO application is
immune to this, no matter what platform or language.
All the pricey big name applications you see for "free" running around
the internet that have been cracked, are generally not due to lack of trying
on the developer's part. There are some very smart, crafty, persistent, and
sadly shady people out there that do this sort of thing. So if it is
really important to you and you think your application may be a target for
these type of people, then do what you can to make it difficult. But don't
blame the language or compiler, they all are vulnerable.
Gerald
"Darren" <wa********@hotmail.com> wrote in message
news:cd**************************@posting.google.c om... OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will
prevent this?
Why isn't this tool automatically executed by default whenever I build
my apps?
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
Thanks.
Your code can easily be disassembled to readable code with something like
Relector http://www.aisto.com/roeder/dotnet.
I have always wondered why the big deal about hiding your source code
anyway. Unless you have some top secret algorithm that could be used to hack
into the government, who really cares. It's unlikely it could be used by
anyone anyway.
My company is building corporate applications and don't want our
source code available to anyone. I assume there is a Dotfuscator that
comes with VS.NET Architect version? I have seen one and it's called
the Community Edition - but if I understand correctly there is a
professional version for $US 1,500 at www.preemptive.com? So even
through I have spent many thousands of dollars on development tools I
still need to spend another $1,500 to protect my source code????
Please tell me I have gotten this completely wrong and it's just a
matter of ticking a checkbox in my build configuration.
See below for reponse.
I hope this clarifies things for you.
Regards,
Jonathan Henderson
==========================
Jonathan Henderson
PreEmptive Solutions
26250 Euclid Avenue
Suite 503
Cleveland, Ohio 44132 jh********@preemptive.com
========================== OK, I'm trying to understand the need for this. If I >understand
correctly without this anyone can reverse engineer and >obtain the
source code of my application - is this correct?
Yes, this is true. There are free decompilers out there that can take a
.NET assembly and convert it back into source code such as .NET
Reflector.
Here are other reasons why one might need to obfuscate.
<a
href="http://www.preemptive.com/documentation/NetHackerDemo.html">http:/
/www.preemptive.com/documentation/NetHackerDemo.html</a>
And this tool will prevent this?
Yes, the tool will prevent most who may try to reverse engineer your
application, obfuscation from any obfuscator does not guarantee 100%
protection. The idea of obfuscation is to make the goal of reverse
engineering your application compared to the effort it takes to reverse
engineer insignificant.
Why isn't this tool automatically executed by default >whenever I build
my apps?
Everyone's application differs in the code implementation that they use.
To have it automatically executed, would cause problems for others.
For example, some use dynamic class loading and reflection through the
use of strings. If such an application were to be obfuscated by renaming
all the identifers (i.e. class, method, and field names) then the type
that is called by reflection or dynamic class loading by string will
throw a NullReferenceException. Now such a tool could just change the
value of the string used in reflection or dynamic class loading, but to
the tool, how would it know the correct string. The string may have
another use elsewhere.
With Dotfuscator Professional Edition, it is integrated into Visual
Studio, so once you build your solution, Dotfuscator will perform
created your obfuscated assemblies.
My company is building corporate applications and don't >want our
source code available to anyone. I assume there is a >Dotfuscator that
comes with VS.NET Architect version? I have seen one and >it's called
the Community Edition - but if I understand correctly there >is a
professional version for $US 1,500 at www.preemptive.com?
Yes, as I mentioned before there is a professional version. This one has
the ability to integrate into Visual Studio .NET. The professional
version does a lot more than the community edition (which is bundled
with Visual Studio .NET)
such as synthesizing code within methods into spaghetti code, encrypting
strings, and removing unused types/methods/fields.
So even
through I have spent many thousands of dollars on >development tools I
still need to spend another $1,500 to protect my source >code????
In my opinion, if protecting the application's source code is your
company's concern, they should be the ones purchasing it (along with
VS.NET in my opinion) not you.
But before purchasing any obfuscator, try the community edition on your
Visual Studio. Since you bought VS.NET, it comes free.
You can also try to request an evaluation for the professional edition,
and try that out if you like.
Also when you get Dotfuscator Professional Edition (either evaluation or
the product itself) you also get first-rate support.
Please tell me I have gotten this completely wrong and it's >just a
matter of ticking a checkbox in my build configuration.
Thanks.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Thankyou to everybody who replied. My main concern is that you can get
the source code from the executable. I know everything can be reversed
engineered but there is a big difference between getting assembler
code with auto-generated labels and getting 'the source code' with
proper names.
I don't like the idea of tools renaming classes and methods like some
obfuscation tools.
One that looks promising is called "Salamander .NET Protector". Has
anybody had any experiences with this? It appears do to the same thing
that Microsoft have done to protect the .NET framework code (ie.
hiding intellectual code).
I will still protect my source code until the day Microsoft releases a
dotNet version of MS Office that can be completely disassembled.
Darren.
all you have to do is learn how to read ASM like a newspaper :P
"Darren" wrote: Thankyou to everybody who replied. My main concern is that you can get
the source code from the executable. I know everything can be reversed
engineered but there is a big difference between getting assembler
code with auto-generated labels and getting 'the source code' with
proper names.
I don't like the idea of tools renaming classes and methods like some
obfuscation tools.
One that looks promising is called "Salamander .NET Protector". Has
anybody had any experiences with this? It appears do to the same thing
that Microsoft have done to protect the .NET framework code (ie.
hiding intellectual code).
I will still protect my source code until the day Microsoft releases a
dotNet version of MS Office that can be completely disassembled.
Darren.
Darren wrote: there is a
professional version for $US 1,500 at www.preemptive.com?
We offer a less expensive obfuscation tool that includes afvanced
features like string encryption that preemptive does not include in
their comparably priced versions. Our obfuscator is is bundled with
our Decompiler.NET product that includes a browser user interface so
you can preview your obfuscated code. We use the product on itself for
each build to protect our own products. You can download a free fully
functional trial version at http;//www.junglecreatures.com/
I will still protect my source code until the day Microsoft releases a
dotNet version of MS Office that can be completely disassembled.
You many get your wish. Office 13 is managed code built with .NET and
you will be able to decompile it just like the .NET Framework code if
they don't decide to obfuscate it.
Jonathan Pierce
President
Jungle Creatures, Inc. http://www.junglecreatures.com/
So the big question is: "Is dotnet obfuscator, community edition purposely
left out of Visual Studio 2003, version 7.1, that ships with Bisual
Basic.NET, Standard Edition? Or is it hiding somewhere?
"Jonathan Pierce" wrote: Darren wrote:
there is a
professional version for $US 1,500 at www.preemptive.com?
We offer a less expensive obfuscation tool that includes afvanced
features like string encryption that preemptive does not include in
their comparably priced versions. Our obfuscator is is bundled with
our Decompiler.NET product that includes a browser user interface so
you can preview your obfuscated code. We use the product on itself for
each build to protect our own products. You can download a free fully
functional trial version at http;//www.junglecreatures.com/
I will still protect my source code until the day Microsoft releases a
dotNet version of MS Office that can be completely disassembled.
You many get your wish. Office 13 is managed code built with .NET and
you will be able to decompile it just like the .NET Framework code if
they don't decide to obfuscate it.
Jonathan Pierce
President
Jungle Creatures, Inc.
http://www.junglecreatures.com/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: John |
last post by:
Hi,
I am building an application that uses Steema's TeeChart. When I run
my app through the dotfuscator it breaks the executable (saying
something about not finding the strongly named TeeChart...
|
by: StevenBarnes |
last post by:
I have a solution with 6 or so projects, some dts dll's, a couple
images, etc. I have a working setup project that creates a nice
installation msi. Cool.
Now I want to obfuscate my .exe and my...
|
by: Tom Bean |
last post by:
I am using Dotfuscator Community Edition to obfuscate an application for
Pocket PC written in C#. When I made the first pass with Dotfuscator, the
app threw a MissingManifestResourceException. Of...
|
by: Dave Goebel |
last post by:
PreEmptive Solutions wants to let you know that we have added a new
product to the Dotfuscator line.
The new Dotfuscator Standard Edition is a significant improvement to
the Community Edition...
|
by: Tina |
last post by:
I have a dll created from an asp.net component I wrote. I want to
distribute it to other developers but I'm told it can be reverse engineered.
I read the docs on dotfuscator thinking that this...
|
by: scorpion53061 |
last post by:
How can we obfuscate without disabling renaming and using a setup
project a project which includes a custom dll?
If I attempt to do so after I change the reference path to the
obfuscated dll...
|
by: Darren |
last post by:
OK, I'm trying to understand the need for this. If I understand
correctly without this anyone can reverse engineer and obtain the
source code of my application - is this correct? And this tool will...
|
by: Andrew E Chapman |
last post by:
Apologies if this seems to be a silly question, but...
.... is there anything that can be done to stop other people from using your
DLLs? For example, if you have a solution with three projects:...
|
by: Phil |
last post by:
I'm using the dotfuscator community enhanced edition, but am thinking of
upgrading to the professional edition. Where can I find pricing for this
(UK, single seat). I have filled in the form on...
|
by: linyimin |
last post by:
Spring Startup Analyzer generates an interactive Spring application startup report that lets you understand what contributes to the application startup time and helps to optimize it. Support for...
|
by: erikbower65 |
last post by:
Here's a concise step-by-step guide for manually installing IntelliJ IDEA:
1. Download: Visit the official JetBrains website and download the IntelliJ IDEA Community or Ultimate edition based on...
|
by: kcodez |
last post by:
As a H5 game development enthusiast, I recently wrote a very interesting little game - Toy Claw ((http://claw.kjeek.com/))。Here I will summarize and share the development experience here, and hope it...
|
by: Taofi |
last post by:
I try to insert a new record but the error message says the number of query names and destination fields are not the same
This are my field names
ID, Budgeted, Actual, Status and Differences
...
|
by: DJRhino1175 |
last post by:
When I run this code I get an error, its Run-time error# 424 Object required...This is my first attempt at doing something like this. I test the entire code and it worked until I added this -
If...
|
by: DJRhino |
last post by:
Private Sub CboDrawingID_BeforeUpdate(Cancel As Integer)
If = 310029923 Or 310030138 Or 310030152 Or 310030346 Or 310030348 Or _
310030356 Or 310030359 Or 310030362 Or...
|
by: lllomh |
last post by:
Define the method first
this.state = {
buttonBackgroundColor: 'green',
isBlinking: false, // A new status is added to identify whether the button is blinking or not
}
autoStart=()=>{
|
by: lllomh |
last post by:
How does React native implement an English player?
|
by: DJRhino |
last post by:
Was curious if anyone else was having this same issue or not....
I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
| |
