 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Languages / Managed C++ / December 2006how to protect code
Hi, Using the .NET reflector tool, i know that a DLL or EXE developed in .NET platform can be decompiled and therefore code is available for all. I would like to know if exist a way how to avoid tools like .NET reflector to decompile your code or at least to avoid people to see clearly the code of you DLL or EXE ? thanks a lot, Al. > Using the .NET reflector tool, i know that a DLL or EXE developed in .NET > platform can be decompiled and therefore code is available for all. > > I would like to know if exist a way how to avoid tools like .NET reflector > to decompile your code or at least to avoid people to see clearly the code > of you DLL or EXE ? Do a search for dotNET obfuscator or .NET obfuscator. The community edition of this tool is included with Visual Studio I think. The goal of this tool is to make your code as unreadable as possible, for example by replacing all variable names with variations of a, A, aA, Aa and doing the same for method names etc. Of course you have to ask yourself: 'is it necessary?'. If your code does not contain trade secrets of special algorithms, it might not be worth it. Being able to decompile assemblies can be useful for developers for finding out what an assembly is exactly doing. This can be very valuable during a debugging session.  SignatureKind regards, Bruno van Dooren bruno_nos_pam_van_dooren@hotmail.com Remove only "_nos_pam" > Of course you have to ask yourself: 'is it necessary?'. If your code does > not contain trade secrets of special algorithms, it might not be worth it. > > Being able to decompile assemblies can be useful for developers for finding > out what an assembly is exactly doing. This can be very valuable during a > debugging session. Bruno, I have an assembly that implements the Garmin Protocol. I am planning on selling this assembly. The protocol can be very complicated. I would not want someone to reverse engineer my code and just build their own assembly. Don't you think it is worth obfuscating it? SignatureBruce E. Stemplewski GarXface OCX and C++ Class Library for the Garmin GPS www.stempsoft.com > I have an assembly that implements the Garmin Protocol. I am planning on > selling this assembly. The protocol can be very complicated. I would not > want someone to reverse engineer my code and just build their own > assembly. Don't you think it is worth obfuscating it? Microsoft Research has a non-obfuscated .NET assembly that can be used to download data from a Garmin device. I'm not sure if it supports uploading to a Garmin device. It is available here: http://www.wwmx.org/Download.aspx After installing the TrackDownload application you will have an assembly named Microsoft.GPS.GarminDevice.dll in your Program Files. Take a look at it using Reflector. You might not need to write your own assembly. >> Of course you have to ask yourself: 'is it necessary?'. If your code does >> not contain trade secrets of special algorithms, it might not be worth [quoted text clipped - 8 lines] > want someone to reverse engineer my code and just build their own > assembly. Don't you think it is worth obfuscating it? In this case, yes. An implementation of a complex algorithm is certainly worth protecting. But a lot of assemblies do not need it. For example, Using Lutz reflector, you can view the CLR assemblies in decompiled C# code. This is extremely useful if you get weird exceptions, or have security problems etc. Because it allows you -the developer- to see exactly what's going on. So there is a case for not obfuscating too. SignatureKind regards, Bruno van Dooren bruno_nos_pam_van_dooren@hotmail.com Remove only "_nos_pam" Hi Bruno, What about people who develop assemblies and would like to sell them ? if everybody is able to look into their code, the patents costs have not value and it becomes more an open source. I'm very surprised that MS allow open source for developing and by the way, it means to make the market to open source. There is really no way to protect my assembly code from being duplicated/copied ? Al. >> Using the .NET reflector tool, i know that a DLL or EXE developed in .NET >> platform can be decompiled and therefore code is available for all. [quoted text clipped - 15 lines] > out what an assembly is exactly doing. This can be very valuable during a > debugging session. > Hi Bruno, > > What about people who develop assemblies and would like to sell them ? > if everybody is able to look into their code, the patents costs have not > value and it becomes more an open source. Patents are based on disclosure, not secrecy. > I'm very surprised that MS allow open source for developing and by the > way, it means to make the market to open source. > > There is really no way to protect my assembly code from being > duplicated/copied ? Sure... keep it to yourself, load it inside hardware where the user can't see it, etc. Running on a user's general purpose computer essentially guarantees them access to the code in some language or other (even optimized "native" code can still be easily understood with the right tools). > Al. > [quoted text clipped - 19 lines] >> finding out what an assembly is exactly doing. This can be very valuable >> during a debugging session. > What about people who develop assemblies and would like to sell them ? > if everybody is able to look into their code, the patents costs have not > value and it becomes more an open source. No, because the customer is not allowed to to use your patents.. > I'm very surprised that MS allow open source for developing and by the > way, it means to make the market to open source. This has nothing to do with open source. First of all, open source is about sharing and distribution of source code. You distribute a binary. Sure, the end user can decompile it, but it does not contain any comments. The code is also machine generated, so it might not look exactly like the original. And I doubt that you are allowed to distribute the decompiled sources, since you do not have a license agreement, and it is a direct derivative of the binary assembly. For the majority of assemblies, a vendor gains nothing from obfuscating the assemblies. Don't you think Microsoft would have obfuscated the CLR assemblies otherwise? > There is really no way to protect my assembly code from being > duplicated/copied ? Yes there is. Use a .NET obfuscator. It is not perfect, but native code has the same problem. It is perfectly possible (though a bit harder) to decompile machine code from dlls or exes. SignatureKind regards, Bruno van Dooren bruno_nos_pam_van_dooren@hotmail.com Remove only "_nos_pam" Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.