Buying Obfuscator Tools are a waste of money?
-
I think buying Obfuscator tools are unless.. I'm not so sure why there are some people who are willing to spend their money on those tools.. maybe, the boss doesn't understand the technical thing and he hired bad technical guys..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Lot's of people feel this way, lot's of others feel the opposite. I see it as exactly like locking your front door when you go out: it's good enough to keep out honest people and a reasonable precaution to take for such a cheap investment.
"It's so simple to be wise. Just think of something stupid to say and then don't say it." -Sam Levenson
-
I think buying Obfuscator tools are unless.. I'm not so sure why there are some people who are willing to spend their money on those tools.. maybe, the boss doesn't understand the technical thing and he hired bad technical guys..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Michael Sync wrote:
I think buying Obfuscator tools are unless..
Depends on which one. I use them sparingly from time to time.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
-
I think buying Obfuscator tools are unless.. I'm not so sure why there are some people who are willing to spend their money on those tools.. maybe, the boss doesn't understand the technical thing and he hired bad technical guys..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Isn't it the same as locking your front door? It won't stop a dedicated criminal, but strill can keep out the majortiy of people. I wouldn't bet my core trade secret on it, but it's better than nothing.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist -
Lot's of people feel this way, lot's of others feel the opposite. I see it as exactly like locking your front door when you go out: it's good enough to keep out honest people and a reasonable precaution to take for such a cheap investment.
"It's so simple to be wise. Just think of something stupid to say and then don't say it." -Sam Levenson
I think those tools will decrease the performance because it has to be decrypted before doing the operations.. I see configuring the security on your database is like locking your front door... Now, Microsoft released System.Configuration.dll without using oibfuscator tools. I wanna get the code so that I can port it to something else (e.g Silverlight). but it's not so easy to get the code even they are not using oibfuscator tools...
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
Michael Sync wrote:
I think buying Obfuscator tools are unless..
Depends on which one. I use them sparingly from time to time.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
Paul Conrad wrote:
. I use them sparingly from time to tim
What is the advantages of using those tools? Do we really need to do that? Why? Is it so easy to get the code if we are not using those tools?
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
Paul Conrad wrote:
. I use them sparingly from time to tim
What is the advantages of using those tools? Do we really need to do that? Why? Is it so easy to get the code if we are not using those tools?
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
I use the dotfuscator community edition that comes with VS2008.
Michael Sync wrote:
Do we really need to do that?
Only if you want to add fun to decompiling :rolleyes:
Michael Sync wrote:
Is it so easy to get the code if we are not using those tools?
Yes, through reflections.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
-
Isn't it the same as locking your front door? It won't stop a dedicated criminal, but strill can keep out the majortiy of people. I wouldn't bet my core trade secret on it, but it's better than nothing.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighistpeterchen wrote:
It won't stop a dedicated criminal, but strill can keep out the majortiy of people.
Yes. It'll keep most people at bay.
peterchen wrote:
it's better than nothing
True.
peterchen wrote:
same as locking your front door?
Yes, it is. I add more stuff to the obfuscation, so it is like locking the door and having my dogs sit on the porch. If you are a stranger to my chocolate lab, he'll bear his teeth and it is a rather scary sight :rolleyes:
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
-
Isn't it the same as locking your front door? It won't stop a dedicated criminal, but strill can keep out the majortiy of people. I wouldn't bet my core trade secret on it, but it's better than nothing.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighistpeterchen wrote:
Isn't it the same as locking your front door?
No. My house is not performing anything so locking the front door wont' slow down anything. And also, I already locked with my key. I dont think I need to have finger-print scanner to do double-locking.
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
I use the dotfuscator community edition that comes with VS2008.
Michael Sync wrote:
Do we really need to do that?
Only if you want to add fun to decompiling :rolleyes:
Michael Sync wrote:
Is it so easy to get the code if we are not using those tools?
Yes, through reflections.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
Paul Conrad wrote:
Yes, through reflections
AFAIK, Reflection doesn't give you that much.. :)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
Paul Conrad wrote:
Yes, through reflections
AFAIK, Reflection doesn't give you that much.. :)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
It does give you some info, but not everything in it's entirety me thinks.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
-
peterchen wrote:
Isn't it the same as locking your front door?
No. My house is not performing anything so locking the front door wont' slow down anything. And also, I already locked with my key. I dont think I need to have finger-print scanner to do double-locking.
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Michael Sync wrote:
have finger-print scanner to do double-locking.
But that would be cool :-D Add an eye scanner for triple locking :rolleyes:
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
-
I think those tools will decrease the performance because it has to be decrypted before doing the operations.. I see configuring the security on your database is like locking your front door... Now, Microsoft released System.Configuration.dll without using oibfuscator tools. I wanna get the code so that I can port it to something else (e.g Silverlight). but it's not so easy to get the code even they are not using oibfuscator tools...
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Michael Sync wrote:
I think those tools will decrease the performance because it has to be decrypted before doing the operations..
Whoa, hold up there, you said "obfuscator"! You didn't say anything about those encryption type of tools, those are *NOT* obfuscators at all and my experience with them in the past has led me to shun them entirely, not for performance reasons but for compatibility reasons though I'm sure you're right there is some overhead involved obviously. If you are talking about those encrypting tools then you might want to change your original post, entirely different thing.
"It's so simple to be wise. Just think of something stupid to say and then don't say it." -Sam Levenson
-
Michael Sync wrote:
have finger-print scanner to do double-locking.
But that would be cool :-D Add an eye scanner for triple locking :rolleyes:
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
Paul Conrad wrote:
Add an eye scanner for triple locking
haha. yes.. using obfuscator tool is not like locking the door. but it is like locking the kitchen doors in your restaurant while there are full of customers... it will take a lot of times just for locking and unlocking the kitchen
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
It does give you some info, but not everything in it's entirety me thinks.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
Paul Conrad wrote:
It does give you some info, but not everything in it's entirety me thinks.
yes.. but it's not so easy to get the entire logic or codes.
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
I think buying Obfuscator tools are unless.. I'm not so sure why there are some people who are willing to spend their money on those tools.. maybe, the boss doesn't understand the technical thing and he hired bad technical guys..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
I can understand reflection giving you the function parameters, but why does it need to give you the entire source code to the program? I've grown to like C# as a language but effectively handing out the source code of your apps when you release a program sucks. Mightily. So I would use the built-in obfuscator, yes, but not pay for it, and frankly all .NET compilers should have a compiler option to obfuscate compiled code.
-
Michael Sync wrote:
I think those tools will decrease the performance because it has to be decrypted before doing the operations..
Whoa, hold up there, you said "obfuscator"! You didn't say anything about those encryption type of tools, those are *NOT* obfuscators at all and my experience with them in the past has led me to shun them entirely, not for performance reasons but for compatibility reasons though I'm sure you're right there is some overhead involved obviously. If you are talking about those encrypting tools then you might want to change your original post, entirely different thing.
"It's so simple to be wise. Just think of something stupid to say and then don't say it." -Sam Levenson
What does "obfuscator" do then? Obfuscator doesn't give you anything extra layer over your assembly? AFAIK, there are some Obfuscator tools like that..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
-
I think buying Obfuscator tools are unless.. I'm not so sure why there are some people who are willing to spend their money on those tools.. maybe, the boss doesn't understand the technical thing and he hired bad technical guys..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net)
Nope - we use Xenocode, and it's really, really good. And yes - I do understand the technical issues with .NET and IL, but there are times when you need it. The important thing to know though, is that all code is ultimately decompilable. Obfuscation is about deterring the casual hacker; a determined hacker will always be able to break your code.
Deja View - the feeling that you've seen this post before.
-
I can understand reflection giving you the function parameters, but why does it need to give you the entire source code to the program? I've grown to like C# as a language but effectively handing out the source code of your apps when you release a program sucks. Mightily. So I would use the built-in obfuscator, yes, but not pay for it, and frankly all .NET compilers should have a compiler option to obfuscate compiled code.
It doesn't give the 'source code'. It's just that .NET decompilers can do a much better job than x86 assembly decompilers because compiled .NET assemblies still contain type information, method names, etc; and because MSIL isn't optimized (optimizations are left to the JIT). Non-optimized C code with type information (e.g. in form of debug symbols) can also be decompiled quite well, too.
-
It doesn't give the 'source code'. It's just that .NET decompilers can do a much better job than x86 assembly decompilers because compiled .NET assemblies still contain type information, method names, etc; and because MSIL isn't optimized (optimizations are left to the JIT). Non-optimized C code with type information (e.g. in form of debug symbols) can also be decompiled quite well, too.
Daniel Grunwald wrote:
It doesn't give the 'source code'.
It's as good as.
Daniel Grunwald wrote:
Non-optimized C code with type information (e.g. in form of debug symbols)
Only an idiot would ship a C++ .exe with debug symbols in it yet we ship C# .exes with even more information!
-
Michael Sync wrote:
I think buying Obfuscator tools are unless..
Depends on which one. I use them sparingly from time to time.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon
Paul Conrad wrote:
I use them sparingly from time to time.
Which one do you like to use? I've seen one from 9 Rays a while ago, have you worked with that one? Jeff