Code wrap

[Guest]

Hi,

I have a major issue with .NET applications using .NET Framework. .NET
applications are very easily reversed and the code is there (everything
exposed), with the common use of Reflector applications. Is it possible to
protect the code in order it is not decompiled?

One other thing...

Is is possible to avoid installing .NET Framework on application deploy,
carrying only the .dll and .exe files.

Thank you

 

[Stoitcho Goutsev \(100\)]

Bruno,

I have a major issue with .NET applications using .NET Framework. .NET
applications are very easily reversed and the code is there (everything
exposed), with the common use of Reflector applications. Is it possible to
protect the code in order it is not decompiled?

There are several obfuscator tools out there that are created to scramble
your code so it is hard to read it and understand it using the refelector
tool. One such tool - dotfuscator is included in VS2005. They do pretty good
job, but before using them make sure that you know how they work and you
know very well the code that is to be obfuscated otherwise you may break the
application after obfuscation.

I'm personally against using such tools, but everybody has its own opinion
on this.

Is is possible to avoid installing .NET Framework on application deploy,
carrying only the .dll and .exe files.

I'm afraid this is not possible. I've heard that there are tools that
precompile the code as well as all .NET assemblies that the code uses in one
native application, but I've never tried one and don't know how succesfull
those projects are. Keep in mind that you can precompile your .NET
application using the NGEN tool from the SDK, but that doesn't mean that you
don't need the framework installed in order to run the application. At the
very end if you wirte .NET applciation you need to have the platform
installed. It sounds to me the same as one is asking "Can I write a Windows
application that can be run without Windows installed".

 

[Guest]

Stoitcho Goutsev,

Thank You very much for your anwser.
If you are against these Obfuscators, how do you find that is the best way
to protect the code. For instance, if you are accessing remote information or
keeping variables inside the code?

Thank You

Bruno

 

[Stoitcho Goutsev \(100\)]

Bruno,

Lets don't be confused. There is protection of the code (algorithms inside
your code) and there is protection of information.
Obfuscators, protect your code, they don't protect information. To protect
infgormation there are several standardized cryipting algorithms that are
whell know how they work, but unbreakable in reasonable amount of time.

I'm against obfuscation. Documentaiton is never good enough and the
reflector tools come in help in the places where documentation is weak. I
frankly don't understand the parantoia of somebody looking at your code.
Obfuscation makes understanding the code harder, but not imposible.