dotfuscating your code

[Guest]

Hi

I am wondering why MS is using an external vendor for obscuring your assemblies (i.e. Preemptive)

Is this because
A. dotfuscating isn't really necessary. If so, why not
B. There are better ways to make your code difficult to reverse engineer. If so, which ways
C. Preemptive's solution cannot be matched by MS
D. .Net solutions are basically inhouse and not meant for shippment to external clients or as COTS products

Regard
Johan Johansson

 

[Cor Ligthert]

Hi Johan,

You are not the first one who ask this question, maybe you can have a look
at the others first

I made a shortlint to it for you.

http://tinyurl.com/2r6ze

I hope this helps?

Cor

 

[Guest]

It only answers the first of my questions

----- Cor Ligthert wrote: ----
You are not the first one who ask this question, maybe you can have a loo
at the others firs

I made a shortlint to it for you

http://tinyurl.com/2r6z

I hope this helps

Co

 

[Niki Estner]

Hi.

I am wondering why MS is using an external vendor for obscuring your assemblies (i.e. Preemptive)?

Is this because:
A. dotfuscating isn't really necessary. If so, why not?
B. There are better ways to make your code difficult to reverse engineer. If so, which ways?
C. Preemptive's solution cannot be matched by MS?
D. .Net solutions are basically inhouse and not meant for shippment to

external clients or as COTS products.

Regards
Johan Johansson

MS didn't offer an own NTFS defrag utility for a long time;
They never developed a (usable) DOS-emulator;
They include(d) things like Crystal Reports or InstallShield in their
development packages;
Does this mean noone wants do defrag NTFS drives? Does it mean MS couldn't
build a decent DOS-emulator? Or could it mean noone uses InstallShield
setups for shipments to clients?

Of course not.

Moral: The fact that MS doesn't invent the wheel again, doesn't say anything
about the wheel.

Niki

 

[Cor Ligthert]

Hi Johnson,

B. There are better ways to make your code difficult to reverse engineer.

If so, which ways?
Here the 750 other messages about this

http://tinyurl.com/2xzc3

Keep in mind that a good programmer can mostly easier bring an idea to a
better idea than just reverse enginering.

Here a very actual link about that.

http://www.cs.vu.nl/~ast/brown/

I hope this gives you a better idea of the problems?

Cor

 

[Niki Estner]

First: They include a free 3rd-party obfuscator - that DOES aleviate
developer fears. (And I think it qualifies as a "best-practice-hint"...)
Second: If MS told you one of the obfuscation products on the market is
better than the others they'd distort competition - bad for them and bad for
us. The best way to find out which obfuscator is better is using a
decompiler!

Niki

Yes of course, you are right.

But in that case:
* do they regard one or more obfuscation vendors as better than others?
* do they propose best-practices as to these problems?

I do believe it would be to their advantage; making people trust their

products and aleviate developers fears.

 

[Brett O'Callaghan]

I am wondering why MS is using an external vendor for obscuring your assemblies (i.e. Preemptive)?
Is this because:
A. dotfuscating isn't really necessary. If so, why not?

Personally, I pick this one. Why not? Why?

 

[Steve McLellan]

Personally, I pick this one. Why not? Why?

Because you don't want someone nicking your IP?

Steve

 

[Brett O'Callaghan]

Because you don't want someone nicking your IP?

Then you're in the wrong industry!

 

[Steve McLellan]

Then you're in the wrong industry!

That's as maybe. Somebody's got to give those CPUs a workout with some
top-secret algorithms