.Net Obfuscation

views:

764

answers:

+6 Q:

As many of you know there is no copyright law in some countries. I support copyrights myself, but in Iran:
Windows Server 2008 =1$
king 2008 = 14$
MS SQL Server 2008 =50 Cents
...

How can I prevent my code being decompiled in 30 seconds. I have seen lot's of videos which learn how to decompile in 30 seconds. What is best obfuscator program(.Net) money can buy?
Does it have any automated anti obfuscation program?

+11 A:

Have a look at

Also

How-To-Select an Obfuscation Tool for .NET

astander 2010-01-01 12:28:16

Pessimists will insist that no obfuscator is good enough; but they definately make the job much more difficult--provided there is a decent licensing system in place.

STW 2010-01-01 17:40:44

+6 A:

If Microsoft cannot solve this problem, then nobody can. No matter how you obfuscate it, it will be cracked and there is nothing you can do about it.

You either don't develop software for this market or make it free and figure out other income stream.

lubos hasko 2010-01-01 12:34:52

I know that.I only need a way to sell more than 1 copy.

Behrooz 2010-01-01 12:37:10

This is not true, i doubt if the pirates we're talking about are the ones who actually crack windows. They just download it and burn it. So obfuscation is enough if the software is targeted for iranian market. And im sure there are people there who can break it, but at least you make their lives harder.

Henri 2010-01-01 12:44:38

"make it free" ?????no one thinks : "Is it free?", "Hey its an opensource.", "let's donate 1Cent to that company.", "what is the company's name?"

Behrooz 2010-01-01 12:45:13

Microsoft actually doesn't seem to try very hard to protect their code -- other companies do a much better job.

RickNZ 2010-01-01 12:52:46

+1 A:

I've used SmartAssembly in the past and found it to be pretty decent at what it does. I'm not sure this route will be very effective in hindering hackers circumventing your copy protection, however.

Phil Nash 2010-01-01 12:47:06

+2 A:

Obfuscation won't prevent your code from being copied or decompiled. It makes it more difficult to make changes to your code or to understand exactly how it works, but is that what you're really trying to prevent?

RickNZ 2010-01-01 12:51:46

I have lots of ways to prevent copying.but they cannot work if the hacker knows how they work.

Behrooz 2010-01-01 12:53:50

then those are bad ways

shylent 2010-01-01 17:40:37

they are not bad.they become bad when a hacker knows how they work.I promise you cannot overcome any of them.but if you have the code, you compile my code in a few seconds.But i think you will replace "JZ" and "JNZ".

Behrooz 2010-01-01 18:21:56

+4 A:

I would suggest you:

Xenocode .NET Obfuscator 2010 ( or Xenocode Postbuild )
Dotfuscator
Redgate Smartassembly

I used the first and works flawlessly.

Salv0 2010-01-01 12:53:55

"Xenocode", it is just like a toy in the forum i wrote in a comment for lubos hasko.

Behrooz 2010-01-01 12:55:53

uhm give it a try

Salv0 2010-01-01 18:00:38

"don't buy Dotfuscator".I have the cracked version.I can share it with you.

Behrooz 2010-01-10 15:11:16

+2 A:

Here there is a comparison of .Net Obfuscators

You may also consider a hardware solution such as using USB Dongles against copying or else.

For years I thought that Microsoft was not against prated software. I thought that they did not want to loose microsoft users in countries like Iran to linux. But now they prevent it if user enables automatic updates.

Is the application you want to sell concerned with internet? If so add your application a function which checks if the license key is valid from your web site. But do not add this as a single method. This can be disabled with reverse engineering. You can add this function in addition to obfuscating.

JCasso 2010-01-01 14:26:04

virtual devices solve the problem.

Behrooz 2010-01-01 18:18:14

Some generate id's specific to that hardware (usb device) how do they solve that problem?

JCasso 2010-01-01 19:04:17

I have some programs witch make everything(from sector 0 cylinder 0 Bit 0 to ∞) as you like.

Behrooz 2010-01-10 15:12:50

+1 A:

You are solving the wrong problem. This is piracy, not IP theft. Nobody is going to make the effort to decompile your program when a running version of your program costs a dollar. They'll have the exact same problem you have, can't earn a living. Solving a piracy problem requires a gun boat.

Hans Passant 2010-01-01 16:56:20

It costs a dollar because everyone copies everything he likes.1$ is the price of a CD not a program+1CD.

Behrooz 2010-01-01 18:17:30

Okay, zero dollars then. It doesn't change the logic.

Hans Passant 2010-01-01 18:30:14

Having your software piece cracked does not mean fiasco to your business, it does mean just the opposite - your sotware is demanded.

The fact, that 90% of people are using your software for free should not disappoint you. Consider them as a free user base you gain, which is important to your software marketing.

You can even consider some conversion rate from pirated to licensed users in your marketing plan.

George Polevoy 2010-01-01 17:36:47

For at least 45 seconds of security you can try a .NET linker/compiler:

http://www.remotesoft.com/linker/

2010-01-04 18:59:32

It looks like you need a combination of licensing and obfuscation. Licensing for um, licensing, copy protection, hardware-locking, etc. This will make it difficult to pirate your program. On the other hand, if you need others to stop looking at your source code or changing the source code, you need obfuscation. Check out CryptoLicensing + Crypto Obfuscator combo.

logicnp 2010-01-06 09:44:38

+1 A:

There isn't such thing as 'best obfuscator'. And it's certainly not a matter of money, i.e., it doesn't mean that only lot of cash can provide true protection.

Since a lot of guys are talking about products, and name products, I'll tell you about my experience.

I have tested about 10 obfuscators with my projects (scientific class libraries, lots of generics, generic interfaces, etc...) before I buy one and many of the expensive and famous obfuscators failed:

Dotfuscator (found a serious bug - they couldn't do anything to fix it, though I sent them some source files to reproduce the bug)
CodeVeil (crashed or produced assemblies that crashed at run time, and pretty damn slow!)
XenoCode (crashed or produced assemblies that crashed at run time, not so often as CodeVeil did!)
smartassembly (crashed; could not even produce assemblies)
...

I didn't have the opportunity to test some other products (like one from Arxan) because the price they asked was ridiculous (the price was $15000, initially, and dropped to half when I told them I was not interested - they had two salesmen keep sending emails at me; guess who was going to pay for their bills...).

Finally I purchased two of the obfuscators that were at the bottom of my list and cost less than $400 (each). I didn't believe they worth of any value because of their small cost. I realize now that they were simply cost-effective solutions. They didn't crash at all, they did what they were supposed to do fast (unlike CodeVeil, which is so slow...) and save me a lot of money...

ileon 2010-03-08 22:29:57

Continue please:
Microsoft Visual Studio 2010 Professional = 1$ + 75c
3D Studio Max 2009 = 1$
Recently i write a font editing program using python and wxGlad, that takes 7 months. now want to distribute it but I'm pretty sure it will be cracked by Emperor Darya or others in less than 30s. so decide to change its license to Freeware.

The Cyber Society of Iran is not related to Copyright law. there is many copyright conventions accepted by government (Only for Iranian developers). but not applied by users at all.

after designing and applying security system to your code, see:

قانون حمایت از حقوق مؤلفین :توسعه‌دهندگان نرم‌افزار

to find a suitable license system for your product. but don't expect foreign developers to be supported by law in Iran: this is a "Tahrim" problem! :-)

Sorush Rabiee 2010-04-02 11:28:49

ansaurus

tags:

views:

answers:

.Net Obfuscation

related questions