How secure is our source code?

W

William Ryan

By Safe, what do you mean? through reflection, the contents of code can be
easily examined unless it's obscured. In that sense, it's not safe at all.
However, you can define security policy for instance and exert tremendous
amount of control over how your app runs, where it runs etc. Since .NET is
in a managed environment, there are all sorts of other things that make it
more secure...no more buffer overflows for instance.

Lax coding practices make code insecure, not .NET. You can write insecure
code with any language and people do. If you understand how the framework
works, you can take measures to protect from whatever threats you perceive
to be there.

HTH,

Bill
 
T

Tom Leylan

William Ryan said:
By Safe, what do you mean?
Click to expand...

He's generally referring to the inherent nature of IL-based languages to be
turned back into source. The exact same issues were brought up when Java
was released. Code obfuscators were devised, there are probably some for
..Net already.
 
T

Tom Shelton

He's generally referring to the inherent nature of IL-based languages to be
turned back into source. The exact same issues were brought up when Java
was released. Code obfuscators were devised, there are probably some for
.Net already.
Click to expand...

Dotfuscator community edition ships with VS.NET 2003... They also have
a full blown commercial product and there are a couple of other
commercial obfuscators - like the one from Remotesoft, Salamander .NET
Obfuscator...
 
W

William Ryan

Yep, I was just trying to make a point that 'secure' code has many different
facets to it. As for obfuscators... we just got Salamander and it's pretty
darned cool.
 
T

Tom Shelton

Yep, I was just trying to make a point that 'secure' code has many different
facets to it. As for obfuscators... we just got Salamander and it's pretty
darned cool.
Click to expand...

Do they have an evalution version yet? I've sorely wanted to try that
one out. If it lives up to it's promises I think it would be something
that my company would be interested in - but I am sure they would want
to play with it a little before taking the plunge. As it is, if we buy
one it will be the full Dotfuscator - simply because the free version
ships with VS.NET.
 
F

Fergus Cooney

Sorry to butt in guys - nothing to do with Salamanders or anything.

Hi Bill,

I saw your post and sent off a reply but I'm having problems with that
group - posts don't appear and so I repost and they still don't appear. I sent
several copies of a message to Steve and none have appeared in my OE (nor his
reply) but have on Google. I don't know if you can see my reply to you and
another (plus a re-post) to Scorpion. That's one hell of a twilight zone over
there.

Regards,
Fergus
 
P

PreTech

Hi John,

Microsoft is using Dotfuscator Professional Edition to protect the
..NET apps they want to protect against reverse engineering. A lite
version of Dotfuscator is included in VS.NET and PreEmptive is working
closely with Microsoft to set new standards in .NET obfuscation.

For more information see:

http://preemptive.com/dotfuscator/

Best Regards,
The Dotfuscator Team
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Protect You source code 3
protection from .NET Decompiler? 16
How to protect code from dissasembly and decompilation? 1
How did Remotesoft did Protecter software? Hiding codes...Wow! 1
Working with Graphics in VB.NET???? 2
How to Protecting the .NET Source Code by Decompiling, Obfuscationusing Dotfuscator 2
hiding source code vb.net 5
vb.net scripting 1

Top