obsfucation
-
I am starting to research obsfucation. I have started to look at different products and they all claim to be perfect and better than the others. Can some of you share your experience with any of the products out there. I know that none of them are perfect, but some should be better than none. Thanks! Hogan
-
I am starting to research obsfucation. I have started to look at different products and they all claim to be perfect and better than the others. Can some of you share your experience with any of the products out there. I know that none of them are perfect, but some should be better than none. Thanks! Hogan
They're all absolute crap. Honestly, I haven't found one that always works on our WinForms rich client. The best I've seen is SmartAssembly and XenoCode. However, they're both crap in that they still fail often, just a lot less than the others.
Tech, life, family, faith: Give me a visit. I'm currently blogging about: How could God prove Himself to humanity? The apostle Paul, modernly speaking: Epistles of Paul Judah Himango
-
They're all absolute crap. Honestly, I haven't found one that always works on our WinForms rich client. The best I've seen is SmartAssembly and XenoCode. However, they're both crap in that they still fail often, just a lot less than the others.
Tech, life, family, faith: Give me a visit. I'm currently blogging about: How could God prove Himself to humanity? The apostle Paul, modernly speaking: Epistles of Paul Judah Himango
Thanks for the reply Judah. After my research today, the two that I thought might fit best are the two you mentioned. SmartAssembly was first on my list. That being said, can you be more specific about them failing often? If you mean that the application breaks while it is running, that is one thing, but if you mean that it breaks the code that is released, then that is a big concern for me. Thanks a ton for responding! Hogan
-
Thanks for the reply Judah. After my research today, the two that I thought might fit best are the two you mentioned. SmartAssembly was first on my list. That being said, can you be more specific about them failing often? If you mean that the application breaks while it is running, that is one thing, but if you mean that it breaks the code that is released, then that is a big concern for me. Thanks a ton for responding! Hogan
It breaks the code. More often than not, we'll obfuscate and suddenly our app won't run at all, but will crash upon startup because the obfuscator's IL writing is crap. Frankly, I feel obfuscation is a big hack that doesn't fit well in the .NET world. It tries to solve a problem that exists only in the minds of paranoid software managers.
Tech, life, family, faith: Give me a visit. I'm currently blogging about: How could God prove Himself to humanity? The apostle Paul, modernly speaking: Epistles of Paul Judah Himango
-
I am starting to research obsfucation. I have started to look at different products and they all claim to be perfect and better than the others. Can some of you share your experience with any of the products out there. I know that none of them are perfect, but some should be better than none. Thanks! Hogan
I don't have any experience with them myself, but nearly everything I've heard about them is negative. The general consensus seems to be that if you have a piece of code you'd really like to protect, you have two options: 1. Put it in an unmanaged DLL, then invoke its methods from your managed program. This isn't perfect, but disassembling unmanaged code is less trivial than disassembling managed code. 2. Don't even ship the secure binary. Keep it in a safe location - i.e. on your web server, and have the client make web calls to your service. This is the ideal solution, as you don't have to worry about obfuscation. The client never even has access to your binary! Of course, this solution is only appropriate for a very limited number of scenarios. Your clients need constant network access to make this work. Good luck!