How big of a problem is unobfuscated code?

[Blarney]

Hello,

I have tried the dotfuscator that came with visual studio on my .NET CF
app. The compiled app it produces doesn't want to work. In fact it
crashes the device and needs a soft reset.

I was wondering what others opinions are about how big of a risk or
problem is .net vbcode that is not obfuscated?

 

[Guest]

Depends on what the risk is. If it's not obfuscated, disassembly back to
code is trivial, so it can be reversed engineered. Depends on the product
and business model whether that's a problem or not.

-Chris

 

[Yosh]

Take a look for yourself. Here is a tool by Lutz Roeder called Reflector for
..Net. It has a built in C# decompiler. I have attempted to attach the tool
to this post. If it doesn't make it, here is the link.

http://www.aisto.com/roeder/dotnet/

Yosh

 

[Jim Cooper]

I was wondering what others opinions are about how big of a risk or
problem is .net vbcode that is not obfuscated?

It doesn't actually matter what language you wrote it in, it can be
decompiled into others (see the Reflector link).

Whether there is an issue with people being able to do that depends on
you If you have an app written for a specific client, then it
probably doesn't matter. If you are selling a shrink-wrapped app it
might. Bear in mind that people can still reverse engineer your code,
obfuscated or not, and that they could do the same with non .NET code too.

Also, because of the way obfuscation works, it can introduce errors into
your app. If you've used reflection and have used string literals for
class/method/property/etc names anywhere, you could be in trouble

Cheers,
Jim Cooper

__________________________________________

Jim Cooper (e-mail address removed)
Tabdee Ltd http://www.tabdee.ltd.uk

TurboSync - Connecting Delphi to your Palm
__________________________________________