Results 1 to 7 of 7

Thread: Obfuscating assemblies

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Jun 2003
    Posts
    89

    Obfuscating assemblies

    Hello,
    do you know of any cheap (free) tool that's able to make .net assemblies very difficult to disassemble?
    I learnt about dotfuscator, xenocode and others but they're very expensive. I mean, It's insane to buy a 300$~1000$ application just to secure a 50$ one.

    What do you do when it's time to deploy and sell your .net application, do you try to secure it or just don't care?
    Thanks for your answers
    - mo! I said MOOOOOOO!!
    - ...yep, that's a cow, alright.

  2. #2
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: Obfuscating assemblies

    It makes sense to buy a $300-$1000 application if you're going to be continuing development on your product or creating more products. And if you really need it.

    Visual Studio comes with a DotFuscator community edition. Have you given that a try?

  3. #3
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: Obfuscating assemblies

    What do you do when it's time to deploy and sell your .net application, do you try to secure it or just don't care?
    Thanks for your answers
    Depends on what you're making. I don't obfuscate assemblies for ASP.NET applications, since they are not visible to web users.

    On a related note, one way to delegate dependancy of your application on class libraries is to make your application use web services. The web service can use class libraries instead and return the relevant information and results to the application.

    It's a pretty good scheme, the only constraint being that an internet connection must be present.

  4. #4

    Thread Starter
    Lively Member
    Join Date
    Jun 2003
    Posts
    89

    Re: Obfuscating assemblies

    Quote Originally Posted by mendhak
    Visual Studio comes with a DotFuscator community edition. Have you given that a try?
    uhm, no, actually I'm doing it the SharpDevelop way.


    Quote Originally Posted by mendhak
    On a related note, one way to delegate dependancy of your application on class libraries is to make your application use web services. [...] the only constraint being that an internet connection must be present.
    Thanks for the advice, I'll take this into account. Though I'll have a rough time to explain the boss that the customers will need an active internet connection to make the software work

    I found a free obfuscator (Aspose.Obfuscator), but I also found a thread and someone says it's pretty buggy. I'll give it a shot, it won't hurt.

    Too bad there's not an obfuscator provided by Microsoft.
    Thanks for your help.

    edit:
    It makes sense to buy a $300-$1000 application if you're going to be continuing development on your product or creating more products
    that's very true but, unfortunately, I work for a new -very small- company, I can't tell my boss to buy Visual Studio AND Crystal Reports AND .net Charting AND Obfuscators, he's gonna detract those from my salary. I have to make simpler things from scratch. It's supposed to be hard at the beginning, isn't it?
    Last edited by BrightSoul; Jan 7th, 2006 at 04:06 PM.
    - mo! I said MOOOOOOO!!
    - ...yep, that's a cow, alright.

  5. #5
    Super Moderator jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    111,221

    Re: Obfuscating assemblies

    What type of users are you targeting with this app? What is the likelihood that they will even know that you can disassemble .NET executables, let alone how to do it? What is the likelihood that they will have the ability to get around even basic obfuscation. If it's a $50 app then what's the chance that other developers with the ability to disassemble and get past basic obfuscation couldn't reproduce the same thing simply by observing the functionality? It is generally more important to ensure that users do not, either knowingly or not, make illegal copies of the compiled software and use it themselves or distribute it to others. In this case it is licensing, not obfuscation, that will protect you.
    Why is my data not saved to my database? | MSDN Data Walkthroughs
    VBForums Database Development FAQ
    My CodeBank Submissions: VB | C#
    My Blog: Data Among Multiple Forms (3 parts)
    Beginner Tutorials: VB | C# | SQL

  6. #6

    Thread Starter
    Lively Member
    Join Date
    Jun 2003
    Posts
    89

    Re: Obfuscating assemblies

    Quote Originally Posted by jmcilhinney
    What type of users are you targeting with this app?
    People who don't know anything about programming so, yes, they'll never know they can disassemble the app and even if they did, they couldn't make use of the source.

    Quote Originally Posted by jmcilhinney
    It is generally more important to ensure that users do not, either knowingly or not, make illegal copies of the compiled software and use it themselves or distribute it to others. In this case it is licensing, not obfuscation, that will protect you.
    Yes, I'm actually developing a basic system that *theoretically* doesn't allow multiple installations to run. But, if a customer asks a friends who knows about programming, it would be pretty straightforward for him to understand how the whole copy protection system works and get past it.
    What I'm trying to accomplish here is basic obfuscation in order to discourage any disassembling intent. This way I can tell my boss "the source is not public, we have a copy protection system for our app" -stop.
    Then, we all know that experienced programmers can crack even the most complex program, but darn, I don't care.
    - mo! I said MOOOOOOO!!
    - ...yep, that's a cow, alright.

  7. #7
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: Obfuscating assemblies

    As an alternative to Crystal Reports, may I suggest SQL Server Reporting Services? It's free with a SQL Server license

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width