"Protected" dll reference
Hi all
I'm developing open-sourced WPF app, unfortunately there is already competitiors that have similar app - I want to have some sort of unique features that will be developed in "protected" dll that my wpf app will reference and use.
But not sure about some of the questions below:
1) How can I develop such code, that it will still compile for people that are trying to use source code (I'm fine with just not having such functionalities in compiled apps)
2) How can i "protect" such dll? Is .net reactor good? Virtualization? (Also I'm fine with it being obfuscated, I know it only slows down people, as long as its not available for copy paste its good)
19 Replies
$obfuscation
"Then finally, there is that question of code privacy. This is a lost cause. There is no transformation that will keep a determined hacker from understanding your program. This turns out to be true for all programs in all languages, it is just more obviously true with JavaScript because it is delivered in source form. The privacy benefit provided by obfuscation is an illusion. If you donβt want people to see your programs, unplug your server."
- Douglas Crockford
https://softwareengineering.stackexchange.com/a/155133
* Spend your effort on putting proprietary things in your api, and keeping the distributed code as empty as possible
* Use AuthN/AuthZ to control who/what/when/etc...
* Free obfuscation is worth the amount your paid for it -- it's already broken and most decompilers out there can make sense of it.
* Paid ofbuscation will bankrupt you unless you have a very strong revenue stream and can justify the additional cost with gained sales
* The "threat" of someone hijacking your UI and shimming it to make it provide them money is not a real threat. If this is legitimate software, you can ruin their business with lawsuits
- Cisien
Software Engineering Stack Exchange
Is it important to obfuscate C++ application code?
In the Java world, sometimes it seems to be a problem, but what about C++? Are there different solutions?
I was thinking about the fact that someone can replace the C++ library of a specific OS wit...
also, it's not really open source if you're obfuscating parts of the code
99% of code is still open sourced, just some "early access" paid features will be hidden for some time, and eventually released. It is what it is with competitiors, when I will just release it open sourced they will copy paste in one week π
just looking for a way to be unique with unique features, even if they are not open sourced
It's more like a strategy question than technical. Host certain features online as a web service, so you can charge users a subscription fee and no worry the actual code will be seen. ChatGPT and OpenAI REST API are typical examples.
How would that work for WPF desktop app? I need to display interface and such
If you do have to ship those features fully in your desktop app, instead of obfuscating a small portion, you can obfuscate the entire app. Anyone who wants the open source version can compile from the code you shared.
That depends on what kind of app and what kind of feature.
its related to 3d rendering with directx, I would like to have additional paid features for it, like slice geometry or so
Here comes question 1 - how can I reference dll that will be available only in shipped version? How can I prevent compiler errors when there will be some part of code missing?
? You need to develop your app with a plugin framework
MEF or Mono.Addins.
Then all extensions (open source or commercial) are simply loaded together.
Can that be converted to a web service? Anyway, the domain of your app isn't something I know very well, so I won't comment further.
great, I'll check MEF/Mono.addins
Maaaybe it could, but that would be a lot of work that I would like to avoid π Looking for possibilities within wpf app. If there is nothing viable maybe I'll consider converting to web service
Use licenses that restrict certain things
Go the legal way.
how would you check if someone is reusing your code if their app would be closed-source and heavily obfuscated / virtualized or whatever
I know everything client can be reversed. But I'm not experienced in it at all
You can't.
then how enforce legal way of doing stuff
Most of the time, companies do not obfuscate their softwares
It is just a waste of time
People will break it if they really want to, even if has obfuscation.
And those legal companies will go the legal way, they do not want to risk getting sued.
.NET obfuscators are especially useless considering all of them has deobfuscators except the private or very expensive ones.
as long as I can make others struggle to read decompiled exe, I'm fine with it
at least they won't be able to copy paste
Still useless.
In this case .. IL