473,327 Members | 2,090 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

how to protect code

Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in
..NET platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?

thanks a lot,
Al.
Dec 26 '06 #1
7 4383
Using the .NET reflector tool, i know that a DLL or EXE developed in .NET
platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET reflector
to decompile your code or at least to avoid people to see clearly the code
of you DLL or EXE ?
Do a search for dotNET obfuscator or .NET obfuscator.
The community edition of this tool is included with Visual Studio I think.
The goal of this tool is to make your code as unreadable as possible, for
example by replacing all variable names with variations of a, A, aA, Aa and
doing the same for method names etc.

Of course you have to ask yourself: 'is it necessary?'. If your code does
not contain trade secrets of special algorithms, it might not be worth it.

Being able to decompile assemblies can be useful for developers for finding
out what an assembly is exactly doing. This can be very valuable during a
debugging session.

--

Kind regards,
Bruno van Dooren
br**********************@hotmail.com
Remove only "_nos_pam"
Dec 26 '06 #2
Bruno van Dooren [MVP VC++] wrote:
Of course you have to ask yourself: 'is it necessary?'. If your code does
not contain trade secrets of special algorithms, it might not be worth it.

Being able to decompile assemblies can be useful for developers for finding
out what an assembly is exactly doing. This can be very valuable during a
debugging session.

Bruno,

I have an assembly that implements the Garmin Protocol. I am planning
on selling this assembly. The protocol can be very complicated. I
would not want someone to reverse engineer my code and just build their
own assembly. Don't you think it is worth obfuscating it?

--
Bruce E. Stemplewski
GarXface OCX and C++ Class Library for the Garmin GPS
www.stempsoft.com
Dec 26 '06 #3
I have an assembly that implements the Garmin Protocol. I am planning on
selling this assembly. The protocol can be very complicated. I would not
want someone to reverse engineer my code and just build their own
assembly. Don't you think it is worth obfuscating it?
Microsoft Research has a non-obfuscated .NET assembly that can be used to
download data from a Garmin device. I'm not sure if it supports uploading
to a Garmin device. It is available here:
http://www.wwmx.org/Download.aspx
After installing the TrackDownload application you will have an assembly
named Microsoft.GPS.GarminDevice.dll in your Program Files. Take a look at
it using Reflector. You might not need to write your own assembly.

Dec 27 '06 #4
>Of course you have to ask yourself: 'is it necessary?'. If your code does
>not contain trade secrets of special algorithms, it might not be worth
it.

Being able to decompile assemblies can be useful for developers for
finding out what an assembly is exactly doing. This can be very valuable
during a debugging session.
I have an assembly that implements the Garmin Protocol. I am planning on
selling this assembly. The protocol can be very complicated. I would not
want someone to reverse engineer my code and just build their own
assembly. Don't you think it is worth obfuscating it?
In this case, yes.
An implementation of a complex algorithm is certainly worth protecting.

But a lot of assemblies do not need it. For example, Using Lutz reflector,
you can view the CLR assemblies in decompiled C# code.
This is extremely useful if you get weird exceptions, or have security
problems etc.
Because it allows you -the developer- to see exactly what's going on.
So there is a case for not obfuscating too.

--

Kind regards,
Bruno van Dooren
br**********************@hotmail.com
Remove only "_nos_pam"
Dec 27 '06 #5
Hi Bruno,

What about people who develop assemblies and would like to sell them ?
if everybody is able to look into their code, the patents costs have not
value and it becomes more an open source.

I'm very surprised that MS allow open source for developing and by the
way, it means to make the market to open source.

There is really no way to protect my assembly code from being
duplicated/copied ?

Al.

Bruno van Dooren [MVP VC++] wrote:
>Using the .NET reflector tool, i know that a DLL or EXE developed in .NET
platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET reflector
to decompile your code or at least to avoid people to see clearly the code
of you DLL or EXE ?

Do a search for dotNET obfuscator or .NET obfuscator.
The community edition of this tool is included with Visual Studio I think.
The goal of this tool is to make your code as unreadable as possible, for
example by replacing all variable names with variations of a, A, aA, Aa and
doing the same for method names etc.

Of course you have to ask yourself: 'is it necessary?'. If your code does
not contain trade secrets of special algorithms, it might not be worth it.

Being able to decompile assemblies can be useful for developers for finding
out what an assembly is exactly doing. This can be very valuable during a
debugging session.
Dec 27 '06 #6

"--== Alain ==--" <no****@noemail.comwrote in message
news:ug*************@TK2MSFTNGP06.phx.gbl...
Hi Bruno,

What about people who develop assemblies and would like to sell them ?
if everybody is able to look into their code, the patents costs have not
value and it becomes more an open source.
Patents are based on disclosure, not secrecy.
>
I'm very surprised that MS allow open source for developing and by the
way, it means to make the market to open source.

There is really no way to protect my assembly code from being
duplicated/copied ?
Sure... keep it to yourself, load it inside hardware where the user can't
see it, etc. Running on a user's general purpose computer essentially
guarantees them access to the code in some language or other (even optimized
"native" code can still be easily understood with the right tools).
>
Al.

Bruno van Dooren [MVP VC++] wrote:
>>Using the .NET reflector tool, i know that a DLL or EXE developed in
.NET platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?

Do a search for dotNET obfuscator or .NET obfuscator.
The community edition of this tool is included with Visual Studio I
think.
The goal of this tool is to make your code as unreadable as possible, for
example by replacing all variable names with variations of a, A, aA, Aa
and doing the same for method names etc.

Of course you have to ask yourself: 'is it necessary?'. If your code does
not contain trade secrets of special algorithms, it might not be worth
it.

Being able to decompile assemblies can be useful for developers for
finding out what an assembly is exactly doing. This can be very valuable
during a debugging session.

Dec 27 '06 #7
What about people who develop assemblies and would like to sell them ?
if everybody is able to look into their code, the patents costs have not
value and it becomes more an open source.
No, because the customer is not allowed to to use your patents..
I'm very surprised that MS allow open source for developing and by the
way, it means to make the market to open source.
This has nothing to do with open source. First of all, open source is about
sharing and distribution of source code.
You distribute a binary. Sure, the end user can decompile it, but it does
not contain any comments. The code is also machine generated, so it might
not look exactly like the original.
And I doubt that you are allowed to distribute the decompiled sources, since
you do not have a license agreement, and it is a direct derivative of the
binary assembly.

For the majority of assemblies, a vendor gains nothing from obfuscating the
assemblies. Don't you think Microsoft would have obfuscated the CLR
assemblies otherwise?
There is really no way to protect my assembly code from being
duplicated/copied ?
Yes there is. Use a .NET obfuscator.
It is not perfect, but native code has the same problem.
It is perfectly possible (though a bit harder) to decompile machine code
from dlls or exes.

--

Kind regards,
Bruno van Dooren
br**********************@hotmail.com
Remove only "_nos_pam"
Dec 27 '06 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: YK | last post by:
All, What is the best way to protect IL code? --------------------------------------------------- Typical scenario: Visual Studio .NET 2003 includes Dotfuscator Community Edition, which...
6
by: Bill | last post by:
Hey, is it possible to protect ASP code in some way? Can it be compiled, or otherwise protect the source somehow? Thanks, -Bill.
3
by: Narlen | last post by:
Hi there, I don't know much about web design but I proudly managed to password protect a page on my site. Later I realized that everyone looking at the source in any web browser can see the...
1
by: Giganews | last post by:
I have an Access 97 database in which I am running an Excel macro through automation. The macro in Excel is as follows: Worksheets("Sheet1").Protect Password:="****", DrawingObjects:=True,...
15
by: Fady Anwar | last post by:
Hi while browsing the net i noticed that there is sites publishing some software that claim that it can decompile .net applications i didn't bleave it in fact but after trying it i was surprised...
19
by: Peter | last post by:
I wrote a dll and now I want to protect from mass distribution. What is the most COST software for doing this, or can it easily be done in vb.net.
3
by: SpIcH | last post by:
Hi All, This is all about protecting my data in Executable file. I have developed a program in Visual Basic .NET 2002. I have many questions in mind... please help me to complete my project. ...
0
by: lanem | last post by:
I am trying to create an excel spreadsheet from my asp.net 2.0(vb.net) code. I can create the file and even protect it, but I cannot protect it with a password. Here's my code: Dim xl As New...
22
by: teejayem | last post by:
Hi, I am new to programming with databases and was wanting some help. Is there any way to password protect an access database and access sent sql commands to it via vb.net code? Any help...
4
by: FAQ server | last post by:
----------------------------------------------------------------------- FAQ Topic - How do I protect my javascript code? ----------------------------------------------------------------------- ...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.