Jim said:
" All the obfuscator does is renames variables. In fact if you are a poor
programmer, it is easier to reverse the
obfuscated version..."
Really? - I thought many of the better ones do a few other tricks too.
Sure they do, and they think they have created something *cool* and
inovative. I suppose that if you look at the obfuscated code "literally"
it does look tricky. People that are not accustomed to reversing
obfuscated code will be lost. Because they lack the skills
to understand the essence of reversing. Which is why they are
using a de-compiler in the first place. They wanted to know
something about the code.
How does an obfuscated program that trips up the likes of reflector and
other commercial decompilers, and with what comes out having very similar
overloaded names become easier than looking at the original unobfuscated
assembly?
My original statement on this had two meanings. First, I was being a cynical
aimed at poor developers who use terrible variable naming. Forget about
that.
What I really meant was that, most of the time when you are reversing,
you don't really care about the variable/class names. If you try to read
obfuscated
code in this way, it means that you don't understand how to properly
reverse obfuscated code. So I suppose this is why the vendors of obfuscators
think
they have value as they have stopped the *copy/paste* thief.
The analogy that comes to mind is:
Remember the famous story about the Unix administrator who thought it was
funny that people were downloading the encrypted password file....
The administrator was laughing about how stupid these people were,
as surely everyone knew it was impossible to reverse the encrypted
password file. Technically he was right, but once he learned what the
hackers where doing with the encrypted password. He didn't think it
was so funny. They simply ran a dictionary attack and discovered
weak passwords. Major security hole!
If you are really interested in reversing, let me know and I will post more
info.
I'm not a fan of Obfuscators myself, but they do help to raise the bar
some.
" It is unlikely that what-ever you are protecting has been written well
enough to be of value."
Well, if thats the case, then I doubt if the person would be selling many
licenses for the software either, but I would guess it is the revenue
stream the author is trying to get some sort of protection against, at
least bringing it back to native code levels again. - This is difficult to
achive in .net, but good obfuscators can help bring it nearer.
To be clear, my comments were directed at a person, which I assumed
to be a single person developer, not a corporate development team, with a
professionally written software product.
But if the person is really worried about things, I'd suggest going back
to native code compilation, or writing mixed mode assemblies, using .net
for only parts of the application.
Technically you are correct. But would now greatly increase your product's
release date. In my opinion, you are better off loosing some revenue and
getting the product delivered.
In closing.
Take notice to one Software Company, which I really think has a great
business model.
http://www.devexpress.com/
Developer Express is really smart.
1. They offer an excellant product.
2. They sell the software with the source code for $1299.00.
3. It has been engineered by some very bright people. I know cus I looked at
the source code.
Notice what they have done.
They completely eliminated the threat of reverse engineering, and gave you
the source code.
No way could anyone reverse-engineer this software for $1299.00.
They also release frequently to make the previous source-code irrelevant...
Who want's buggy software?
Russell Mangel
