locked
Code Security RRS feed

  • Question

  • I would like to understand code security a little better.  I know that decompilers can be used to display net source code.  It seems like whatever method is used to protect information like connecton strings, encryption strings, passwords, etc.  eventually the program must utilize the information and it becomes visible.  If I compile my application in "Release Mode" and provide it to another individual, can that person running hacking software run my software in debug mode and view variable values line by line at point of execution or are they limited to simply viewing source.

    Thanks,
    Fred 

    Friday, September 9, 2005 5:07 PM

Answers

  • As soon as someone has access to the source code, they can just put it in a new project of their own and run it in debug mode.

    The most efficient way to protect your program is to use an obfuscator, which changes the source code in a way that the program executes exactly the same, but is not readable by humans - or at least makes it much harder to understand the meaning. Visual Studio comes with a free obfuscator you can use.
    Friday, September 9, 2005 5:53 PM
    Moderator

All replies

  • As soon as someone has access to the source code, they can just put it in a new project of their own and run it in debug mode.

    The most efficient way to protect your program is to use an obfuscator, which changes the source code in a way that the program executes exactly the same, but is not readable by humans - or at least makes it much harder to understand the meaning. Visual Studio comes with a free obfuscator you can use.
    Friday, September 9, 2005 5:53 PM
    Moderator
  • I don't know to much about obfuscator, but the basic on cracking software that I read is that is a software have chance to be decompiled/disassebled then the software can be cracked. So how high protection can be made by using obfuscator, can the software that have been obfuscated into de-obfuscated (i just found sample from salamander, it can), so it useless. And where I can find algorithm to create obfuscator for .NET assembly (I don't know limitation on community edition), because obfuscator software is very expensive (for me that live at Indonesia, and not work yet, 1 million rupiah, its very expensive for .NET Reactor - its the cheapest they said).

    Thanks.
    Saturday, May 6, 2006 4:51 PM