Re: Running .Net 2.0 Application without having .Net Framework installed
- From: "Huihong" <huisinro@xxxxxxxxx>
- Date: 28 Apr 2006 11:00:07 -0700
You are again talking about a different thing. I said the BEST
protection against people to get back the source code from .NET
assemblies.
Let's do this: give me some .NET assembly that you think is better
protected and decrypted at runtime, I will get the source code for you.
In turn, I will give you a native compiled .NET assembly, I bet you
just won't be able to get the source code back. Is this simple?
All you are talking about is to prevent some kind of license key
hacking and cracking piece of the code.
In terms of encrypt and decrypt at runtime, it's nothing to protect
..NET code, may be good for native code. You don't see that the CLR
engine needs to be feeded with IL code, no matter how fancy you do with
the encryption, by the time code is executed, it MUST be in IL code
format. I can easily dump them out at that moment. If that is what you
think the best protection, that's nonsense.
The encryption/decryption/anti-debugging/anti-tracing/memory protection
on top of native code is another layer of protection, but only after
native code is available, which is what exactly our tool does right
now. Without native code, those means don't make sense.
There are so many people claim that native code is as easy decompiled
as Java/.NET, I just don't buy it. It is a totally false statement, and
very deceiving. The scale and easiness of decompilation is so much
different. Give you a 5 MB native exe, you will be overwhelmed by
disassembling, the most one can do is to crack some keys. On the other
hand, give you a 5 MB .NET assembly, one can easily dump out all source
code.
Göran Andersson wrote:
I have seen far better protection, like code that is decrypted in
realtime as it is executed. There you have something that is really hard
to reverse engineer. Native code is childs play in comparison, and
hardly the BEST.
Huihong wrote:
I guess what I meant here is not able to convert to source code using
any decompilers. Of course, you can disassemble the x86 instructions,
and follow the debugger to extract certain info, but there is no
decompiler available to turn that into source code. The original .NET
images, before native compilation, can be very easily decompiled. If
you think you have better ways than native code to defend against
reverse engineering, I would be deadly suprised. This is the BEST
protection.
Göran Andersson wrote:
Guaranteed that your code is not able to be reverse engineered.Excuse me, but that is nonsense. If the code can be executed, it can
also be reverse engineered.
.
- Follow-Ups:
- Re: Running .Net 2.0 Application without having .Net Framework installed
- From: Göran Andersson
- Re: Running .Net 2.0 Application without having .Net Framework installed
- References:
- Running .Net 2.0 Application without having .Net Framework installed
- From: schworer
- Re: Running .Net 2.0 Application without having .Net Framework installed
- From: Huihong
- Re: Running .Net 2.0 Application without having .Net Framework installed
- From: Göran Andersson
- Re: Running .Net 2.0 Application without having .Net Framework installed
- From: Huihong
- Re: Running .Net 2.0 Application without having .Net Framework installed
- From: Göran Andersson
- Running .Net 2.0 Application without having .Net Framework installed
- Prev by Date: Re: MSBuild vs Nant
- Next by Date: Re: ByRef
- Previous by thread: Re: Running .Net 2.0 Application without having .Net Framework installed
- Next by thread: Re: Running .Net 2.0 Application without having .Net Framework installed
- Index(es):
Relevant Pages
|
