Am I correct in assuming that .NET is a kind of Claytons Open Source (the open source you have when you're not having open source) given that it is so readily decompiled into a variety of representations?
Obfuscation is nothing for someone with a text editor and access to regular expression-based text substitution tools. What do I do when I want to use .NET tools and yet maintain strict control over intellectual property?
There is an application from RemoteSoft called 'Protector' that will prevent decompilation of the .NET code. It's not an obfuscator - they have a separate product that does that. Only 'issue' with it is that it basically native compiles the code, so you lose JIT benefits and potential multi-platform capability.
I have become very partial to running everything over the web. The combination of Javascript/Flash (or Silverlight) and solidly designed HTML can give you a beautiful front end while doing quite a bit to protect the underlying code. Not to mention the advantage of updating once and having it instantly applied to everybody.
The unfortunate thing is that anybody can decompile any code and use it anyway they want it. If you build a DLL or EXE that contains a function then somebody can reverse engineer it and use it as if it were their own code. I say where you can you keep the IP out of the hands of the IP pirates and let them go after less interesting pieces of work.
Strict control over intellectual property is a myth, as demonstrated amply by thepiratebay.org (not only movies, but also applications). The only reasonable solution is to create a client-server solution with the especially protectable parts kept serverside under your control, and exposed only via interface.
The only thing that helps for "normal" desktop applications is that decompiling and analyzing any program is a time consuming and intellectually quite involved task. So, unless you are trying to protect something that somebody is prepared to spend lots of money/time on to analyze, nobody will probably bother anyway.
Well you'd better not share anything you ever create. People can scan or photocopy books, they can rip and burn copies of CDs, and they can disassemble your code, whether it's in MSIL, Java bytecode or x86 assembly.
Intellectual property is not something you control. Intellectual property rights are something you enforce.
I don't think that you are interested in those who would decompile your bytecode. They are not going to be your customers anyway. Just make it hard enough to prevent otherwise honest people from stealing it and you should be fine.
There are a number of options for you to protect your IP even if you develop using .Net. Obfuscation is only one solution.
RemoteSoft's software can turn your application into a Native code app.
Or you can use Xenocode's solution, which will also do the same.
But frankly I don't think all that effort is required. Obfuscation is good enough.
Don't underestimate the power of obfuscation. Yes, all the code will still be there - but without any legible names at all, it can be very, very hard to understand a significantly sized piece of code.
Heck, most of us find it hard enough to read our own commented, debuggable, unit tested, nicely-named code a couple of years after writing it. Taking away all the things that make that "easy" leaves a real mess.
I dare say there are times when the implementation really is so sensitive that the time taken to reverse engineer it would be worth it for the cracker - but they're few and far between.
At some point, you need that thing called lawyers. Or alternatively, using web-services etc simply don't deply your important code into the public domain. Ultimately, anything that gets to the client can be opened regardless of the technology and/or protection (obfuscation etc).
Don't forget, you own the IP regardless of whether people try to open it...
Or you could just open source it and live from a service oriented business model.
Your goal should be to have reasonably good protection by using an obfuscator such as Crypto Obfuscator which hinders most hackers and crackers. Your goal should NOT be to try to use a 100% unbreakable system which no man on this planet can break, becuase such a system does not exist.
Just use a good obfuscator and licensing system and that's the end of it.