Re: Protect IL Code

From: YK (YK_at_discussions.microsoft.com)
Date: 07/01/04 

Date: Wed, 30 Jun 2004 16:45:02 -0700

Hi Alek,

I think obfuscating only private and internal properties does not hide much of your code. Many times, code in business objects will reference public properties from itself or other business objects. This will induce some meaningful flow of logic when the code is decompiled.

Regards,
YK

"Alek Davis" wrote:

> YK,
>
> I do not know how DotFuscator works, but if it is similar to Demeanor (by
> WiseOwl), then it can be configured to obfuscate only private and internal
> properties/methods/classes (this is a default setting in Demeanor). In your
> case, since the property of Employee object is used by the front end, it
> should be public, and thus it will not be obfuscated. If DotFuscator
> obfuscates public properties, you probably do not have it configured
> correctly (my guess).
>
> Alek
>
> "YK" <YK@discussions.microsoft.com> wrote in message
> news:6BFC1AC7-41C8-4275-BA63-4C4D63453083@microsoft.com...
> > All,
> >
> > What is the best way to protect IL code?
> >
> > ---------------------------------------------------
> > Typical scenario:
> >
> > Visual Studio .NET 2003 includes Dotfuscator Community Edition, which
> intends to protect IL code. However, many .NET applications use data binding
> in UI forms. For example:
> >
> > Employee e = new Employee();
> > txtName.DataBindings.Add("Text", e, "Name");
> > txtAddress.DataBindings.Add("Text", e, "Address");
> >
> > In this scenarion, property names are coded as string to be resolved at
> runtime. After obfuscation, the property names in the Employee class have
> changed, but the string in the data binding code retained.
> >
> > We can configure obfuscator tool with a list of exception names that the
> tool will not process. However, this maintains the property names, which
> eventually reveal the actual logic.
> >
> > ------------------------------------------
> >
> > Thanks
> > -YK
> >
> >
>
>
>

Relevant Pages

  • Re: Protect IL Code
    ... I do not know how DotFuscator works, but if it is similar to Demeanor (by ... then it can be configured to obfuscate only private and internal ... > We can configure obfuscator tool with a list of exception names that the ...
    (microsoft.public.dotnet.security)
  • Re: Keeps getting exception in dotfuscator output
    ... The exception I got was a file not found exception or something like ... So now I can obfuscate my app. ... When giving the release version as input to dotfuscator it says this ... use the "rename" feature. ...
    (microsoft.public.dotnet.framework)
  • RE: .NET and keeping my source code to myself...
    ... I understand that you need to obfuscate your assembly to ... Visual Studio .NET 2003 has provided us with a tool called Dotfuscator. ... Dotfuscator is an obfuscator for .NET assemblies. ... smaller and faster .NET applications. ...
    (microsoft.public.dotnet.general)
  • Re: Dotfuscating Part of an Application
    ... next best thing would be to dotfuscate the DLLs that are part of the ... If you're using the Dotfuscator Community Edition that ships with VStudio, ... you'll need to obfuscate all assemblies together as a group. ... obfuscating anything in the dependent assemblies. ...
    (microsoft.public.dotnet.security)
  • Re: obfuscation & reflection
    ... MrNobody wrote: ... > Now, I want to obfuscate as much of my program as I can, though if I ... For Dotfuscator, you can single out the classes you want excluded from ...
    (microsoft.public.dotnet.languages.csharp)