RE: .net:code obviscation
- From: "Ken Perry" <whistler@xxxxxxxxxxxxx>
- To: <programmingblind@xxxxxxxxxxxxx>
- Date: Sat, 11 Jul 2009 21:45:49 -0400
Well there are lots of ways to pull it off first you don't' have to do it
yourself there are things like this.
The .net protector:
http://dotnetprotector.pvlog.com/home.aspx?ref=google
There are many others if you search for .net Obfuscation. Of course there
are also things you can do from using the visual studio's Obfuscation tools
but here is another article I found it don't' tell much but it's something
more:
http://blogs.msdn.com/ericgu/archive/2004/02/24/79236.aspx
Another better one is:
http://blogs.msdn.com/clrsecurity/archive/2005/05/26/422440.aspx
and another:
http://www.aspnetpro.com/newsletterarticle/2006/10/asp200610jk_l/asp200610jk
_l.asp
With those you should be able to branch off stuff you read here and do other
searches on Google and find out more how to do the Obfuscation in .net.
Ken
-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Tyler
Littlefield
Sent: Saturday, July 11, 2009 9:18 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: .net:code obviscation
Ken,
It's more just knowing how to do it and understanding how to do it, or how
it works.
----- Original Message -----
From: "Ken Perry" <whistler@xxxxxxxxxxxxx>
To: <programmingblind@xxxxxxxxxxxxx>
Sent: Saturday, July 11, 2009 6:41 PM
Subject: RE: .net:code obviscation
>
>
> Well I still stand by if it is something you can do it is something that
> can
> be undone if you have the time the money and the will power.
>
> Now the whole thing is though is your code that important. I mean unless
> you are writing something for the NSA what is there worth protecting to
> that
> level. Not even companies like Blizzard with a following of millions
> worries about it to that level because they know they have the market and
> it
> will take more than a decompiler to over take them. Same goes for a
> little
> coder who makes software for the blind there is a balance to be made
> between
> security and difficulty in making that security. I secure my commercial
> software pretty well as Sina knows because I had him try to break it at
> one
> time. He of course didn't have the time to do it but I am betting some
> well
> placed 13 year old could do it if they had a good bag of chips and a
> transformer movie to watch to keep his mind busy while working on the
> small
> task of my security I wrote. So just remember locks and security are in
> the
> world to keep honest people honest. The people who want to get in will no
> matter what you do.
>
> Ken
>
> -----Original Message-----
> From: programmingblind-bounce@xxxxxxxxxxxxx
> [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Sina Bahram
> Sent: Saturday, July 11, 2009 5:03 PM
> To: programmingblind@xxxxxxxxxxxxx
> Subject: RE: .net:code obviscation
>
> Everything Ken said is practically true; however, there are very
> complicated
> ways of actually getting around this.
>
> Technically, you can use techniques such as address space layout
> randomization, jump tables, and so on which will virtually, 100%, fool
> anything out there.
>
> Some of the approaches are dangerously close to some of the research I'm
> doing, so I can't talk about them, but it is technically possible to fool
> every single decompiler out there.
>
> Take care,
> Sina
>
> ________________________________
>
> From: programmingblind-bounce@xxxxxxxxxxxxx
> [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Ken Perry
> Sent: Saturday, July 11, 2009 4:11 PM
> To: programmingblind@xxxxxxxxxxxxx
> Subject: RE: .net:code obviscation
>
>
>
>
>
>
>
> Sorry to say but no matter how much you would rather it not be possible it
> is. It doesn't matter if you compile a c++ program or write something in
> Asm. There are programs that can decompile code and some that do it
> rather
> well. Remember though this is not a easy thing to do and if they are
> going
> to use tools like this they can hack things by hand just the same.
>
>
>
> You can do things like encrypt your data that helps but if a person is
> determined enough they can break almost any security and uncompile almost
> any language.
>
>
>
> The best defense against someone hacking or copying your code. is either
> to
> Open source it and put a good license on it or to charge a decent price
> for
> it. You don't see people trying to rip companies off that sell their
> product at a decent cost.
>
>
>
> Ken
>
>
>
>
>
>
>
> Littlefield
> Sent: Saturday, July 11, 2009 3:01 PM
> To: programmingblind@xxxxxxxxxxxxx
> Subject: .net:code obviscation
>
>
>
> Hello,
>
> I was wondering how you might obviscate code in .net. I know that there
> are
> programs out there like reflector that will disassemble it for you and I'd
> rather not have that happen.
>
>
>
>
> __________
> View the list's information and change your settings at
> //www.freelists.org/list/programmingblind
>
> __________
> View the list's information and change your settings at
> //www.freelists.org/list/programmingblind
>
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
Other related posts:
