Re: Decompiler

From: news.microsoft.com (jclak_at_thinstall_dot_com@nohere.com)
Date: 01/07/03


From: "news.microsoft.com" <jclak_at_thinstall_dot_com@nohere.com>
Date: Tue, 7 Jan 2003 17:59:50 -0000


There are a number of companies today who sell .net code protection
products:

Obfuscators. Obfuscators process .net binary byte code and attempt to
mangle the symbol names so the resulting disassembly is less readable.

  a.. The good.
    a.. Obfuscators offers some level of protection against people easily
reading your source code, for example member function names such as
"IsLicenseValid()" becomes "xyz()".
    b.. Obfuscators can apply some tricks that may cause various
disassemblers to crash.
  b.. The bad
    a.. Programs are still disassemblable, they are just slightly more
difficult to read. Because disassemblers cannot encrypt symbol names that
interface with the .NET Framework, it's not very hard to follow what is
happening, even in the obfuscated state.
    b.. IL byte code disassembly is very structured and much easier to read
than say Intel binary disassembly.
    c.. Bugs that cause disassemblers to crash will undoubtedly be fixed
soon, so depending on this trick is a very short-sighted solution.
    d.. Obfuscated symbols may cause programs to fail, especially if they
use reflection.
    e.. Obfuscated symbols makes crash call traces look like garbage, making
it difficult to test and debug release versions of your software.
    f.. Obfuscators typically have a large number of options that need
manual adjustment to achieve higher levels of security at the risk of less
compatibility with the original byte code.
  c.. The price
    a.. Obfuscators range in price from Free to $50 to $1400, checkout
Frank Lesser's "LSW IL Obfuscator" for a quality inexpensive obfuscator.

RemoteSoft Salamander Protector. Saves the result of a JIT transform on the
byte code.

  a.. The good.
    a.. Provides a good level of security, this method is unlikely to
reversed back into IL byte code.
  b.. The bad.
    a.. This method is not compatible across .NET Framework Service packs.
For example EXE files created using .NET Framework Service Initial Release
do not work with installations of Service Pack 2. Because many users may
have different installations of the framework installed, this solution
becomes useful only in very controlled environments - but usually in these
environments protection is not strongly needed.
    b.. This method is not likely to be compatible across .NET Releases.
When 1.1 is release, previous programs Salamander Protector will most likely
fail.
    c.. Salamander requires a secondary DLL to be shipped with you
application. This could complicate installation and pose additional support
problems.
    d.. Programs created with Salamander are limited to the Windows Intel
Platform.
  c.. The price
    a.. Cost $799

Thinstall.NET. Applies full-program wrapping encryption that operates
outside the .NET Framework

  a.. The good
    a.. Stops all disassemblers and tools that operate on .NET binaries.
    b.. Compatible across all .NET Framework Service packs and releases.
When MS releases 1.1, Thinstall.NET should continue to work with no changes.
    c.. Compresses .NET programs several times more than obfuscators,
typically 50% or more.
    d.. Because of above, load times are often improved by 2x.
    e.. This solution requires no extra outside files - everything remains
in a single EXE file.
    f.. Allows full use of reflection with no program changes.
    g.. Crash traces show full symbol names so testing and debugging release
builds is possible using the JIT debugger.
    h.. Thinstall.NET is very simple to use, just enter the name of the EXE
and click build.

  b.. The bad
    a.. Because the original byte code is decrypted in memory just before
being passed to the JIT compiler it is technically possible for someone, who
knows where and when, to save it off to disk. We think this is an
acceptable risk for most developers.
    b.. Programs created with Thinstall.NET are limited to the Windows Intel
Platform
  c.. The price
Cost: $59, $399 for a version that does not require an Internet connection.

"Emad Rangchi" <emadrangchi@hotmail.com> wrote in message
news:e6Ep0U1pCHA.2460@TK2MSFTNGP12...
> Hi
> I am .Net programmer .but have a problem with .Net
> I found a software who decode teh MSIL code to source code.how can I
prevent
> this in my project
> Thanks for any suggestion
> __________________________________________________________________ emad
> rangchi ICQ#: 130046475 Current ICQ status: + More ways to contact me i
See
> more about me:
> __________________________________________________________________
>
>



Relevant Pages

  • Re: Decompiler
    ... Obfuscators process .net binary byte code and attempt to ... Obfuscators offers some level of protection against people ... Because disassemblers cannot encrypt symbol names ... >> interface with the .NET Framework, it's not very hard to follow what is ...
    (microsoft.public.dotnet.security)
  • Re: Decompiler
    ... Obfuscators process .net binary byte code and attempt to ... Obfuscators offers some level of protection against people ... Because disassemblers cannot encrypt symbol names ... >> interface with the .NET Framework, it's not very hard to follow what is ...
    (microsoft.public.dotnet.security)
  • Re: Decompiler
    ... Obfuscators process .net binary byte code and attempt to ... Obfuscators offers some level of protection against people easily ... > disassemblers to crash. ... > interface with the .NET Framework, it's not very hard to follow what is ...
    (microsoft.public.dotnet.security)
  • Re: DLL disassembly
    ... You need to obfuscate the dll. ... protection but to get maximum protection you need to buy their professional ... There are also other obfuscators on the market ... > disassembly and shown most of the source code. ...
    (microsoft.public.dotnet.framework)
  • Re: .NET and keeping my source code to myself...
    ... > single most talked about issue with .NET development. ... > but don't have faith that it can single handedly protect my source code. ... > the obfuscators and other protection tools that are out there? ...
    (microsoft.public.dotnet.general)