Protecting your sourcecode

  • Thread starter Thread starter www.mobidogs.com
  • Start date Start date
W

www.mobidogs.com

I also read during this afternoon's chat that the community edition of the
Dotfuscator that comes with VS 2003 does not work for CF projects. I hadn't
quite got to that step yet but had planned to use it before releasing an
upcoming product.

What are some of you who develop commercial applications doing or planning
on doing to protect your intellectual property? Are there some commercial
Obfuscators that work with CF? Are there some other approaches perhaps?
Are you really comfortable releasing a .NET CF product when .NET disassembly
tools are so common and readily available?
 
Interesting, I could have swore (but I won't) that I read that the
"Community Edition" didn't work on CF code for some reason.

I guess I will have to go back and check the recorded version when it gets
posted. Did you by chance copy down the link where they post the archive
for those chats?
 
It should be posted in the NG tomorrow..I know it takes some editing before
they make it available.
 
I have just been recently down the same road. After I was just ready to
release my CF app onto the market as an EXE, I thought I better look into
obfuscation. Even before I began looking, I simply used the disassembler,
ILDASM.EXE, supplied with VS .NET 2003 and ran my app through it. I was
literally shocked to see all of my code just sitting there for anyone to
see. In reality, the symbols I used were there as well as the code, though
compiled.

I began hunting around for a good obfuscator and also came across the post
that the Community Edition of the Dotfuscator in VS .NET 2003 did not work
for CF. In the end I purchased the Xenocode Enterprise Edition as it seems
to do a reasonable job in "scrambling" one's code. Though it was about
$US199.00, I think, I felt it was worth it for my business in the longer
term.

Chris Tacke indicated in a post that while obfuscators do a good job, they
are not all perfect. This would seem to be the case as CF is compiled to IL
code anyway and not native code. No doubt, disassemblers will get better so
I guess we will all be on the merry-go-round into the future, trying to get
better "scramblers" to outdo disassemblers.

At this stage, I am happy with Xenocode, www.xenocode.com. There is a 14-day
trial version.

One of the good features of Xenocode is that you can hook it into your
build/deployment solution in VS .NET 2003. I produce a .MSI file for my app,
which I decided is to be only distributed by CD since I also have some
desktop side supporting .NET EXEs as well. Hooking the Xenocode code into my
solution just now means a one-click for build, obfuscate, .MSI file and
Setup.exe file creation, and I am done.

Regards,
Neville Lang
 
I tried obfuscating my CF apps. Nope. didn't work at all.

Xenocode is said to be working, but only if you selectively obfuscate only
certain methods and not the whole class. That's what I got from the NG last
time I asked the question.
 
I use XenoCode, and I found that if your assembly uses Reflection namespace,
that will not work after the obfuscator mix the code.

And you have to try to lower the protection level in XenoCode, that is ,
don't encrypt all functions, and don't encrypt strings...
You can try and find a proper setting for NETcf code in XenoCode.

It will works, I promise.

--
Best Regards,
Jan Yeh

MVP(Windows CE.NET), MCAD, .NETcf Developer & Consultant
Mobile Mind Co., Ltd. @ Taiwan
 
I tried the full version of Dotfuscator 2.0 (trial for 30 days) with string encryption on a CF application and it worked (unlikely the first version which had some problems). The downside of Dotfuscator 2 (not Community Edition) is the price $1495 for the Professional Edition (the only one with string encryption)
 
Thanks everybody,
Some great feedback, I will try and look into some of these products.
 
Back
Top