Re: Am I the only one with doubts about .NET for commercial apps?

From: Daniel O'Connell [C# MVP] (onyxkirx_at_--NOSPAM--comcast.net)
Date: 05/15/04

• Next message: Jim Hubbard: "Re: Am I the only one with doubts about .NET for commercial apps?"
• Previous message: Daniel O'Connell [C# MVP]: "Re: if you don't know mono..."
• In reply to: Rich S.: "Am I the only one with doubts about .NET for commercial apps?"
• Next in thread: Jim Hubbard: "Re: Am I the only one with doubts about .NET for commercial apps?"
• Messages sorted by: [ date ] [ thread ]

Date: Sat, 15 May 2004 00:02:21 -0500

"Rich S." <anonymous@discussions.microsoft.com> wrote in message
news:ED7635A2-B32A-448C-B627-AF54E838524C@microsoft.com...
> Hello,
>
> Just like everyone else, I am excited about how easily one can create
> Windows applications with the .NET platform, but for shareware, I have
> some serious reservations.
>
> 1. Your code can be easily decompiled. This would make it very
> difficult to implement any sort of license restrictions on your app,
> because anything you write can be easily viewed and cracked. This also
> removes any privacy for your intellectual property.
>
> 2. Jim Hubbard, in a previous post, informs me that there is really no
> way to prevent someone from reusing one of your private assemblies in
> their own application! I imagine that someone could simply remove your
> trade marks and names, and slap on their own.
>
> So far, I have found only these two weaknesses, but these are BIG
> weaknesses.
>
> Am I alone in thinking that .NET just isn't ready for commercial
> software development? Or can someone point out something that I haven't
> yet come across that mediates these weaknesses?
>

The problem is that both of these are pretty much not new. While its a touch
harder to do in unmanaged code, no licensing restrictions you add there are
going to stand up any better(thousands upon thousands of cracks for
unmanaged apps come out every year, every major game gets cracked). The most
effective protection scheme I've heard of was from...autodesk I think, which
used a dongle that the program used as a lookup table. It took some doing
but even that was eventually emulated, IIRC. Intellectual property is
mostly a matter of legality, not security. When you ship your application,
in any format, if someone wants it they will take it. While I personally
can't read x86 assembly worth a damn, I've known people who could read it
better than they ould English. .NET just takes away that particular false
sense of security by making it clearer how easy it is to do.

Often times, all that stops someone from using your dll's is that they don't
have the call signatures...given time they will figure them out if they want
them(and possibly publish them). Now, what about COM objects? The user
pretty much has access to them as well...where is the security there?

Again, its something that is apparent in .NET, but certainly not new or
unique.

You can make reusing your assemblies a bit harder by using identity demands,
it'll raise the bar a litlte but it won't make a difference, IMHO.

> .NET is all the rage, but I have yet to see these points seriously
> discussed.
You should go to google groups and start looking up obfustication and
diassembly. This topic has actually been discussed quite throughly, I've
participated in atleast 3 or 4 myself.

>
> Sincerely,
> Rich.

• Next message: Jim Hubbard: "Re: Am I the only one with doubts about .NET for commercial apps?"
• Previous message: Daniel O'Connell [C# MVP]: "Re: if you don't know mono..."
• In reply to: Rich S.: "Am I the only one with doubts about .NET for commercial apps?"
• Next in thread: Jim Hubbard: "Re: Am I the only one with doubts about .NET for commercial apps?"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint