Newbie: How safe is source code?

[John]

Hi

I am a complete newbie and am contemplating moving to asp.net from asp. How
protected is an asp.net web site source code should it be delivered to a
client?

Thanks

Regards

 

[Michael Ames]

My opinion:

If your concern is about protecting access to the code itself, then ASP.NET
source is much safer than classic ASP, because the deliverable is actually a
set of compiled .dll's, rather than a set of vbscript files.

However, you should be aware that it is notoriously easy to decompile a .NET
assembly into very clean source code. If this worries you, you should
consider using an obfuscator to "scramble" the dll code so that decompiling
either doesn't work or doesn't work very well.

-Michael

 

[PreTech]

Hi John,

You should obfuscate your ASP.NET with Dotfuscator (a .NET
obfuscator).
A lite version is included inside VS.NET 2003 under the tools menu.
This will make reverse engineered code harder to understand.

If you want more protection that significantly hinders reverse
engineering by crashing or stopping decompilers and support look at
Dotfuscator Professional Edition.

For more info: www.preemptive.com/dotfuscator

Best Regards,
Dotfuscator Team

 

[jon]

I agree. But what about 'Whidbey' (new VS 2004)? I think we going
back to ‘no code-behind'.

 

[PreTech]

Even with 'no code behind' isn't the result still .NET code which can be decompiled?

 

[LogicNP]

To guard against this, you need a combination of obfuscator (to make it harder to decompile) and licensing (to prevent piracy). Check out the Crypto Obfuscator+ CryptoLicensing products (http://www.ssware.com) for doing this.