How do you guys protect your software (.NET)

Red Gate has some pretty powerful SQL software, but the ULTIMATE in Obfuscation tools is Xenocode's PostBuild. Our software is protected only by Xenocode and it suffices. Xenocode adds spaghetti code and also scrambles all string declarations in you code as well. We tested many obfuscation tools before finally releasing our product, but only Xenocode could handle complex libraries of code. Other obfuscators completely destroyed the assemblies up to the point that nothing could be executed...
 
FarligOpptreden said:
Red Gate has some pretty powerful SQL software, but the ULTIMATE in Obfuscation tools is Xenocode's PostBuild. Our software is protected only by Xenocode and it suffices. Xenocode adds spaghetti code and also scrambles all string declarations in you code as well. We tested many obfuscation tools before finally releasing our product, but only Xenocode could handle complex libraries of code. Other obfuscators completely destroyed the assemblies up to the point that nothing could be executed...
Click to expand...

That's actually quite interesting....

FarligOpptreden said:
spaghetti code
Click to expand...

now that just sounds delicious!
 
dequadin said:
A bit of history:
I'm busy converting a large software system from VB 6.0 to C# 2.0. So I've been on my merry way splitting the system up and creating class libraries from all the modlues (etc) copy/pasted throughout the currrent system.

Today I discovered this:
http://www.red-gate.com/products/reflector/

Cool tool but also NOT COOL!

Even after running Dotfuscator Community Edition I could tell what was happening in my dll's.

So my questions are?

Are .NET dll's not the correct route for highly critical intellectual property?
Do we spend the $$$ and get a something like the commercial version of Dotfuscator?
What do you guys do?
Click to expand...
sorry if it sounds mean.. but

this is old news, I have used reflector for 2-3+ years now to check dependencies of files, etc. You can open Microsoft's dll to look inside to.

Remember dlls is just compiled into .net MSIL and not machine code.
 
dequadin said:
Thanks for the advice, I'll check out the demo. This type of software is really expensive.
Click to expand...

After the 30-day trial you'll wonder how you ever got around without it! :p Upon installing PostBuild, it also creates an add-in for VS with which you can automatically obfuscate the code after compiling (CTRL+Shift+B). You can set up a configuration file and specify which classes in your assembly(ies), as well as which strings (yes, it also picks up every single string declaration in your code) you want to scramble. It's very flexible and powerful.

We bought a license a while before the price increase and even got "automatically" upgraded to a 5-user license, still on our old price! :D
 
Do a proper reevaluation of why you think you need such software.
 
What on earth can be so dang secret anyway? OSS projects give their source away.
If your software happens to be national security stuff, then do not give your DLLs out, use some other process.

pfft at "my code is so farking brilliant, people will try and steal it" mentalities.
 
I love open source... even if I have to er... open the source myself ;)

My philosophy is, if I can hack it I can have it. (Saved me a couple of hundred bucks like that before)

Sure, morally its not 100% "right"

But the same goes for you and my code. If you can hack it you can have it. I don't care. ;)
 
dequadin said:
Well I need class libraries (dll's) and I need them in .NET and I don't want people to see the code?
Click to expand...

I understand that, what I meant is consider carefully why it would be a problem for you if they did.

dequadin said:
We sell our software per PC and the license keys are linked to the physical hardware. If someone broke/hacked this they could copy our software to their hearts content!
Click to expand...

Why would they and what would you really lose if they did?
 
dequadin said:
Software Sales = $$$$
Click to expand...

Something to think about... (and if you look at some of the really excellent programmer's, you'll see the truth behind it)

If you only chase money, you'll find it empty and yourself always wanting.
If you chase your passion, money will follow.
 
dequadin said:
One thing you guys are maybe missing is that this is my Company's commercial software and not a "personal project"....
Click to expand...
If you (or your company) sells software for the .net framework obfuscation is the way to go :D, else you can post your code on the internet ...
 
dequadin said:
One thing you guys are maybe missing is that this is my Company's commercial software and not a "personal project"....
Click to expand...

I'm in exactly the same boat as you and, based on our experience of various code obfuscators, I can honestly recommend the investment in Xenocode. Sure, if you decompile the code you'll still be able to follow the logic, but with all the spaghetti code and useless naming conventions created by scrambling the code (as well as string encryptions), it will just make the exercise very difficult.

Another thing to consider though - people will always try to copy what you've done. The trick is to think ahead and always leave something out for a future release. Think in the same way as Gillette and Shick - they PLAN their new razor releases years in advance. The Mach 3 was already designed and ready to be released a few years before they actually did. They just had to wait for the market to be ready for it... ;)
 
if someone really wants to copy your software, they will. Software companies spend millions of dollars trying to protect their software and it never works. just look at the number of pirated MS products floating around.

if you can read it, you can copy it.

I'm not saying you shouldn't try to protect your code, but making your code un-crackable is impossible!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X