Hi,
since there are tools that can decompile assemblies and
show ENTIRE SOURCE CODE (!?) is there any way for
developers to protect their work ?
Or, is famoues .NET framework just for companies who sell
their source code. If this is true - it is unbelievable
childish ! 12 1616
dam <da****@hotmail.com> wrote: since there are tools that can decompile assemblies and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ?
There are obfuscators which will make the code much harder to read.
Or, is famoues .NET framework just for companies who sell their source code. If this is true - it is unbelievable childish !
Any non-trivial app which has been obfuscated (and probably most which
haven't been obfuscated) will be *very* hard to fully understand. Don't
forget that you don't get any comments back when you decompile.
What *exactly* are you afraid of? One thing it *does* make easier is
simple cracking of licence code (or rather, simple bypassing of licence
code) but it's not like that's impossible with native code either.
For the most part, I believe it would be harder to steal intellectual
property by decompiling than to take the ideas that are apparent in the
app itself and redevelop them from scratch.
--
Jon Skeet - <sk***@pobox.com> http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
> since there are tools that can decompile assemblies and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ?
In my opinion (seen enough examples) taking out of the protection from 99%
of the applications is just a matter of hours.
So don't concentrate too much in protecting, use that energy to improve your
application.
Or, is famoues .NET framework just for companies who sell their source code. If this is true - it is unbelievable childish !
There are things build in .NET that actually improves protection.
Compared to conventional exe applications, building-in a protection
mechanism is simpler, but not perfect.
Copy protection must be built in from te very first line of code that you
write and mixed in all your functions.
It must be part of your code, not some library that you link with. And when
the program discovers that something is wrong, it should wait an random
interval before reporting this dialog box with the error message somewhere
encrypted in your application.
LicenseProvider. Is the component license model also at risk. Im supprised
somebody has not done this already, then again there may not be alot of
licensed components out there, and there is no framework for licensing apps.
<Ol**********@skyscan.be> wrote in message
news:3f***********************@reader1.news.skynet .be... since there are tools that can decompile assemblies and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ? In my opinion (seen enough examples) taking out of the protection from 99% of the applications is just a matter of hours. So don't concentrate too much in protecting, use that energy to improve
your application.
Or, is famoues .NET framework just for companies who sell their source code. If this is true - it is unbelievable childish ! There are things build in .NET that actually improves protection. Compared to conventional exe applications, building-in a protection mechanism is simpler, but not perfect.
Copy protection must be built in from te very first line of code that you write and mixed in all your functions. It must be part of your code, not some library that you link with. And
when the program discovers that something is wrong, it should wait an random interval before reporting this dialog box with the error message
somewhere encrypted in your application.
Obfuscators are certainly better than nothing. But, in my
opinion, the more logic in one method, the easier it gets
to understand. String protection (and there could be
important data) is poor by obfuscators. Here http://www.remotesoft.com/salamander/obfuscator.html
is good discussion on that.
In my oppinion, the one should write source code,
obfuscate it, decompile it, and if it looks easy to
understand write it other way (by using more methods)
until it gets hard enough to understand. But, on the
other hand, calling a method puts extra overhead. -----Original Message----- dam <da****@hotmail.com> wrote: since there are tools that can decompile assemblies
and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ? There are obfuscators which will make the code much
harder to read. Or, is famoues .NET framework just for companies who
sell their source code. If this is true - it is
unbelievable childish ! Any non-trivial app which has been obfuscated (and
probably most whichhaven't been obfuscated) will be *very* hard to fully
understand. Don'tforget that you don't get any comments back when you
decompile. What *exactly* are you afraid of? One thing it *does*
make easier issimple cracking of licence code (or rather, simple
bypassing of licencecode) but it's not like that's impossible with native
code either. For the most part, I believe it would be harder to steal
intellectualproperty by decompiling than to take the ideas that are
apparent in theapp itself and redevelop them from scratch.
-- Jon Skeet - <sk***@pobox.com> http://www.pobox.com/~skeet If replying to the group, please do not mail me too . There are things build in .NET that actually improves
protection.Compared to conventional exe applications, building-in a
protectionmechanism is simpler, but not perfect.
Copy protection must be built in from te very first line
of code that youwrite and mixed in all your functions. It must be part of your code, not some library that you
link with. And whenthe program discovers that something is wrong, it should
wait an randominterval before reporting this dialog box with the
error message somewhereencrypted in your application.
Could you, please, be more specific on that. I'm not sure
I understand this completely.
I mean, when somebody sees your source code, he sees the
heart of your application, he sees the competitive
advantage your application has over other application
that perform more or less the same task.
There are bunch of applications that perform the same
tasks, but some do that better than the others.
And no mather how you obfuscate your application, the
competition will find what they are looking for. -----Original Message----- dam <da****@hotmail.com> wrote: since there are tools that can decompile assemblies
and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ? There are obfuscators which will make the code much
harder to read. Or, is famoues .NET framework just for companies who
sell their source code. If this is true - it is
unbelievable childish ! Any non-trivial app which has been obfuscated (and
probably most whichhaven't been obfuscated) will be *very* hard to fully
understand. Don'tforget that you don't get any comments back when you
decompile. What *exactly* are you afraid of? One thing it *does*
make easier issimple cracking of licence code (or rather, simple
bypassing of licencecode) but it's not like that's impossible with native
code either. For the most part, I believe it would be harder to steal
intellectualproperty by decompiling than to take the ideas that are
apparent in theapp itself and redevelop them from scratch.
-- Jon Skeet - <sk***@pobox.com> http://www.pobox.com/~skeet If replying to the group, please do not mail me too .
Ever heard of programs like softice (debugger), w32dasm (decompiler), ...
They gave you the full source code of any win32 app. Okay it was assembler
but if your competitors really wanted to steal it, that wouldn't have
stopped them.
"dam" <da****@hotmail.com> schreef in bericht
news:09****************************@phx.gbl... Obfuscators are certainly better than nothing. But, in my opinion, the more logic in one method, the easier it gets to understand. String protection (and there could be important data) is poor by obfuscators. Here http://www.remotesoft.com/salamander/obfuscator.html is good discussion on that.
Strings were never save. In "oldfashioned" win32 apps the only thing you had
to do was a memory dump and most of the time you could read everything you
needed to know.
In my oppinion, the one should write source code, obfuscate it, decompile it, and if it looks easy to understand write it other way (by using more methods) until it gets hard enough to understand. But, on the other hand, calling a method puts extra overhead.
dam <da****@hotmail.com> wrote: There are bunch of applications that perform the same tasks, but some do that better than the others.
And no mather how you obfuscate your application, the competition will find what they are looking for.
I think you're just guessing - and so am I, admittedly. I don't think
it *actually* happens much. By the time class names have been
obfuscated, the architecture of significant app really takes a long
time to understand.
Bearing in mind that most actual *algorithms* are well-known, you're
really just left with the architecture.
--
Jon Skeet - <sk***@pobox.com> http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
The belief that native code protects your source code is false. How do you
think hackers find holes in software... By guessing ? Hell no you need to
look at the code that is running and find sweet spots. SoftIce or some other
tools that shows you code in the form of assembly language has always been
there. If someone is competent enough to understand your whole architecture
then he is no average bumbling fool and, no matter what, he will get to your
precious source code (or some interpretation of it).
Obfuscators exist out there that do a pretty decent job of keeping the
bumbling fool from easily reading your code, but a competent Joe will always
be able to read and understand (after some thinking) what your code does.
Anyways there's not much in terms of algorithm that's not already out there
somewhere.
Web services can help in this respect by putting sensitive code on the
server and not being accessible by a client and the code that's not so
sensitive (GUI stuff) on the client.
Chris.
"dam" <da****@hotmail.com> wrote in message
news:02****************************@phx.gbl... Hi,
since there are tools that can decompile assemblies and show ENTIRE SOURCE CODE (!?) is there any way for developers to protect their work ?
Or, is famoues .NET framework just for companies who sell their source code. If this is true - it is unbelievable childish !
Thank you all for participating.
You made me believe that good obfuscator will get the job
done.
Now, I have seen the output from dotfuscator and I think
it is pretty good.
If anyone knows for better obfuscator, please post it.
Thanks.
"dam" <da****@hotmail.com> wrote in news:0be701c39ef6$a1fd95c0
$a*******@phx.gbl: Thank you all for participating. You made me believe that good obfuscator will get the job done. Now, I have seen the output from dotfuscator and I think it is pretty good.
If anyone knows for better obfuscator, please post it.
Thanks.
This is what I am going to use when I am ready to deploy my app. It does
alot more than obfuscators. It actually encrpts the executeable. They
show samples on the web page what the source and outputs looks like. http://www.remotesoft.com/salamander/protector.html
I haven't actually tested it yet, but it sounds better. I won't be ready
to actually buy it for another 6 months, when my application is in the beta
test phase. I'd be interested if anyone has been able to hack around code
that has been protected by this program.
Michael Lang, MCSD
Does this affect the performance of the appliation when its obscfuated
"Michael Lang" <ml@nospam.com> wrote in message
news:Xn********************************@207.46.248 .16... "dam" <da****@hotmail.com> wrote in news:0be701c39ef6$a1fd95c0 $a*******@phx.gbl:
Thank you all for participating. You made me believe that good obfuscator will get the job done. Now, I have seen the output from dotfuscator and I think it is pretty good.
If anyone knows for better obfuscator, please post it.
Thanks.
This is what I am going to use when I am ready to deploy my app. It does alot more than obfuscators. It actually encrpts the executeable. They show samples on the web page what the source and outputs looks like.
http://www.remotesoft.com/salamander/protector.html
I haven't actually tested it yet, but it sounds better. I won't be ready to actually buy it for another 6 months, when my application is in the
beta test phase. I'd be interested if anyone has been able to hack around code that has been protected by this program.
Michael Lang, MCSD This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Tim Zhao |
last post by:
I downloaded the PHP 5 source code from
www.php.net web site. It is a tar compressed
file. I used WinZip to unzip it. Now I got a whole
bunch of files.
But I do not know to read these files. Do...
|
by: FISH |
last post by:
Ever have one of those days when you're not sure if it's you who's gone
mad, or the rest of the world?
I have an Open Source project on SourceForge for communication with YSMG
- Yahoo's IM...
|
by: TheAd |
last post by:
At this moment I use MsAccess and i can build about every databound
application i want. Who knows about a serious open source alternative?
Because Windows will be a client platform for some time, i...
|
by: kj |
last post by:
I consider myself quite proficient in C and a few other programming
languages, but I have never succeeded in understanding a largish
program (such as zsh or ncurses) at the source level. ...
|
by: Fady Anwar |
last post by:
Hi while browsing the net i noticed that there is sites publishing some
software that claim that it can decompile .net applications i didn't bleave
it in fact but after trying it i was surprised...
|
by: Alvo von Cossel I |
last post by:
hey everybody,
I have written a great browser but it is missing a feature (quite a lot
actually, but forget about them for now). that feature just so happens to be
the View > Source function....
|
by: Tina |
last post by:
In 1.1 I used to use a WebControlLibrary to hold code I didn't want to
expose when I distributed a component. The code would compile to a separate
dll and could not be viewed when used in a vs.net...
|
by: Jon Skeet [C# MVP] |
last post by:
I'm sure the net will be buzzing with this news fairly soon, but just
in case anyone hasn't seen it yet:
Microsoft are going to make the source code for the .NET framework
(parts of it,...
|
by: Spizzat2 |
last post by:
I'm trying to figure out a workaround to a minor annoyance that I'm
coming up with while coding a site. I've got some keyboard shortcuts
set up for the site via javascript, and when I press escape,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |