To protect your C# program from decomplication, the Dotfuscator is the
recommanded way by Microsoft. But if you dotfuscate your final release, your
program could break down, and also you will probably fall in a "Dotfuscator
hell", which is even worse than the famous DLL hell. So dotfuscate or Not ? 7 3615
Dotfuscate the inner workings and you are fine. Touch any public interface
portions and you are on your own.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
*************************************************
Think outside the box!
*************************************************
"Vincent" <Vi*****@discussions.microsoft.com> wrote in message
news:CE**********************************@microsof t.com... To protect your C# program from decomplication, the Dotfuscator is the recommanded way by Microsoft. But if you dotfuscate your final release, your program could break down, and also you will probably fall in a "Dotfuscator hell", which is even worse than the famous DLL hell. So dotfuscate or Not ?
That's what testing is for. A lot of obfuscators will let you debug the
obfuscated code (the one we use, Xenocode, allows you to generate a map
between the original and ofuscated names that can be applied during
debugging). In any case, a good obfuscator doesn't functionally change code.
That said, as the other poster said, if you change public interfaces you may
be in trouble.
Steve
"Vincent" <Vi*****@discussions.microsoft.com> wrote in message
news:CE**********************************@microsof t.com... To protect your C# program from decomplication, the Dotfuscator is the recommanded way by Microsoft. But if you dotfuscate your final release, your program could break down, and also you will probably fall in a "Dotfuscator hell", which is even worse than the famous DLL hell. So dotfuscate or Not ?
Vincent,
How can anybody advise you in a newsgroup not to close your frontdoor.
This depends always on your particular situation. When the software is by
instance only for your private use and you have not the intent to make any
part of it commercial, than you probably know my answer.
Just my thought about your question.
Cor
"Steve McLellan" wrote: the one we use, Xenocode, allows you to generate a map between the original and ofuscated names that can be applied during debugging
Steve
I don't know Xencode, is it much better than dotfuscator? By the way,
personally I don't like the idea of any obfuscation, it makes you less
confident on your own product, but it seems to be the only way with any .Net
language. After some test and discussion, the company I work for is not
satisfied with any solution on this issue, and decide to stay on C++ . So
..Net is totally out here, how is .Net getting along in your company?
Vincent wrote: I don't know Xencode, is it much better than dotfuscator? By the way, personally I don't like the idea of any obfuscation, it makes you less confident on your own product, but it seems to be the only way with any .Net language. After some test and discussion, the company I work for is not satisfied with any solution on this issue, and decide to stay on C++ . So .Net is totally out here, how is .Net getting along in your company?
Are you saying that the company lets obfuscation decide which language
to do implementation in? Perfectly good decompilers for C++ exists ;)
Selecting an implementation language based on obfuscation probably not a
wise move in general. C++ is definatly a more expensive
(price/functionality) language than most.
Some of the relevant questions/answers about obfuscation are:
- What does obfuscation defend against?
- Other people copying the code: No
- Other people changing the code: perhaps
- Other people find out how code is structured at source level: yes
- Who does obfuscation defend against:
- Professionals out to do code-theft: Not really
- Random programmers: Yes
- Why isn't the legal protection of copyright and EULA's enough?
Bottom line: I think the ones really prevented of doing anything through
obfuscation are J. random user, and not "customers".
From my point of view, the only real argument for obfuscation is if you
wish to:
- Make life harder for supporters
- Make 31337 groups claim glory by breaking it
- Make customers not see your bad code (this seems to be #1 :)
--
Helge
"Helge Jensen" wrote: Vincent wrote:
I don't know Xencode, is it much better than dotfuscator? By the way, personally I don't like the idea of any obfuscation, it makes you less confident on your own product, but it seems to be the only way with any .Net language. After some test and discussion, the company I work for is not satisfied with any solution on this issue, and decide to stay on C++ . So .Net is totally out here, how is .Net getting along in your company?
Are you saying that the company lets obfuscation decide which language to do implementation in? Perfectly good decompilers for C++ exists ;)
Selecting an implementation language based on obfuscation probably not a wise move in general. C++ is definatly a more expensive (price/functionality) language than most.
Some of the relevant questions/answers about obfuscation are:
- What does obfuscation defend against? - Other people copying the code: No - Other people changing the code: perhaps - Other people find out how code is structured at source level: yes - Who does obfuscation defend against: - Professionals out to do code-theft: Not really - Random programmers: Yes - Why isn't the legal protection of copyright and EULA's enough?
Bottom line: I think the ones really prevented of doing anything through obfuscation are J. random user, and not "customers".
From my point of view, the only real argument for obfuscation is if you wish to:
- Make life harder for supporters - Make 31337 groups claim glory by breaking it - Make customers not see your bad code (this seems to be #1 :)
-- Helge
From a developer's view, I don't believe anyone wants to obfuscate the
product, but from the company's view you must find a way to protect yourself
beside legal protection. If you are using C#, serial number/activation code
method is just too easy to crack, even with obfuscation.
Given a situation like this: You developed a good desktop product using C# ,
and have several dealers to distribute it for you. The dealer definitely has
the incentive and will fiture out the way that you generate the serial
number/activation code. Once that happen, you lose control on the dealer,
they can sell your product freely and you get nothing.
Vincent wrote: From a developer's view, I don't believe anyone wants to obfuscate the
agreed :)
product, but from the company's view you must find a way to protect yourself beside legal protection. If you are using C#, serial number/activation code method is just too easy to crack, even with obfuscation.
Have you seen *anything* protected by any kind of scheme which isn't
readily downloadable on the internet?
Given a situation like this: You developed a good desktop product using C# , and have several dealers to distribute it for you. The dealer definitely has the incentive and will fiture out the way that you generate the serial number/activation code. Once that happen, you lose control on the dealer, they can sell your product freely and you get nothing.
That may be true, but obfuscation will really not protect you against
the "bad guys"(TM) only the random users.
Once the cat is out of the bag, a keygen is distributed and your
obfuscation doesn't mean anything other than making it more interesting
to "crack".
Well, the company is of course free to take any route it chooses, but
selecting an implementation-language on the basis of (seemingly, rather
imprecise analysis of) the obfuscation of source-code seems like a
really good strategy for non-optimal development ~= failure, atlest to mee.
People "out there" have cracked every scheme sofar, they *will* crack
yours, if your app is worth anything to them, and maybe even if it
isn't. There is no obfuscation-defence against that.
--
Helge This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Alan Mok |
last post by:
Hi All,
I am a newbie to dotfuscator. I am trying to dotfuscate my application.
Everything seems ok except that when I try to run a method that has the
following command
...
|
by: Alan Mok |
last post by:
Hi All,
I have an application whose forms have at least two languages, English
and Traditional Chinese. When I dotfuscate my application, only the default
language, i.e. English, is showing. Any...
|
by: Michiel |
last post by:
Hello,
I was trying to dotfuscate some mixed code modules, but apparently
Dotfuscator cannot do that.
Does anyone know of a program that can do this ?
TIA,
Michiel.
|
by: Shane Story |
last post by:
If there is a better group for this please tell me.
I would like to build some sort of build batch file/macro or something so
that
I can easily, build my vb app, dotfuscate it (or if there is...
|
by: Antoine |
last post by:
Hi I have a novice question. I am writing some code, and several routines in
..NET. So far very succesfully using several sample to work from, though am I
jumping in by doing this and I really need...
| |
by: |
last post by:
Since I need to dotfuscate my exe file anyway, does it make any
difference if I use Debug or Release versions. Would a Debug
version be easier to decompile/study/reverse engineer than a
Release...
|
by: Antoine |
last post by:
I can't work out what is causing this problem. Can anyone suggest what the
typical causes beyond the obvious might be? Could you get it with datasets?
Maybe I should run in debug mode and test...
|
by: Vincent |
last post by:
To protect your C# program from decomplication, the Dotfuscator is the
recommanded way by Microsoft. But if you dotfuscate your final release, your
program could break down, and also you will...
|
by: Nospam |
last post by:
I'm trouble shooting my obfuscated program. I'd like suggestions on some
tools to help. I'm using vs2005 with delayed signing option from the
project settings and reading the hash from a key.snk...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |