• Hello and welcome to our new forums. We upgraded our forum sites to a more robust and modern system which we hope you will enjoy. Be sure to check out your profile by clicking the button on the top right and configure your preferences, signature, time zone, avatar, etc. as you wish. If you need help with using this new forum'ware try the help link on the bottom right.

    Click here to review your account now.

Best practices to protect your application

Ultrawhack

Well-known member
Joined
Jul 5, 2006
Messages
164
Location
Canada
Programming Experience
3-5
Hi,

I'd like to start this thread and ask for information on the best way to protect your source code/vb.net applications from reverse engineering, etc.

I'm sure many will benefit.
 

Ultrawhack

Well-known member
Joined
Jul 5, 2006
Messages
164
Location
Canada
Programming Experience
3-5
I'm sure it'll pay for itself if it does what it says but Standard Edition Single User $595 - anything else out there ?
 

JohnH

VB.NET Forum Moderator
Staff member
Joined
Dec 17, 2005
Messages
15,254
Location
Norway
Programming Experience
10+
I guess PreEmptive is the market leader in that field. I do get a lot of different hits with Google http://www.google.com/search?q=vb.net+obfuscator haven't checked other pricing or not, perhaps other forum users actually know something about this topic and will reply later?
 

vis781

Well-known member
Joined
Aug 30, 2005
Messages
2,015
Location
Cambridge, UK
Programming Experience
5-10
It's really quite expensive, but worth the money. Remotesoft do a obfuscator than is very effective and one i've found to be the most secure. Reason is they also do a decompiler/de-obfuscator. It's a small program that can actually de-obfuscate an assembly, why they would want to produce such a thing is beyond me, probably to bolster their own place in the market, as their de-obfuscator won't reverse engineer any assembly obfuscated with their obfuscator. Anyway it's a good obfuscator, just a bit expensive.
Just goolge for ..

RemoteSoft
 

JohnM

Well-known member
Joined
Jul 2, 2004
Messages
116
Location
Massachusetts
Programming Experience
1-3
Code-Lock Software

Has anyone used Code-Lock by ChosenBytes? This is software that prevents users from copying VB.Net apps to other PC's. I was wondering if anyone has tried it and if it works like it says? I have downloaded a demo version but am not able to work it yet. The demo is also missing the code creator part so it would be hard to say if it works anyway unless you buy the full version for $300. The website contacts have not reply to my questions. Their forum is a year or 2 old.

Your feedback is appreciated.

John M
 

ssware

Well-known member
Joined
Jan 28, 2006
Messages
64
Programming Experience
Beginner
You need to use a combination of licensing + obfuscation for .Net software. License is for copy protection while obfuscation is for code protection. Have a look at the CryptoLicensing+Crypto Obfuscator combo for this.
 

JohnM

Well-known member
Joined
Jul 2, 2004
Messages
116
Location
Massachusetts
Programming Experience
1-3
Thank you for your reply. I have been using PC Guard. What I don't like about it is that the purchaser has to email back 2 numbers, then I have to email back a 24 hexidecimal number which they have to enter in order to activate the software. This can be tiresome.

I will look at your suggestion.

Thanks for the option:eek:
 

JohnM

Well-known member
Joined
Jul 2, 2004
Messages
116
Location
Massachusetts
Programming Experience
1-3
This is an old thread, I hope you will still reply.

I just saw a copy protector called Softlocker.net

Something like you pay so much a month, you download their software, use it to lock up your .exe file. Send it up to their server. Link it to your web page where you sell it. When someone buys it, the buyer can access their server to get the registration code that opens it for them.. something like that. Has anyone ever tried it?

Thanks foryour time

John
 

Highwinder

New member
Joined
Aug 28, 2018
Messages
1
Programming Experience
10+
Obfuscation alone is a worthless joke. All obfuscation does is turn easily-readable code into different but still easily-readable and still fully accessible code.
Anybody that has ever taken a look at hacker web sites knows that the technology and methods they use to crack an app takes seconds no matter what you did to obfuscate. The cracking tools that are available now make app cracking as easy as playing a video game. This can be incredibly discouraging and make you never want to release an app of any kind once you see how worthless obfuscation (and most other code protection products) really are.

In my opinion there is only one choice out there. Eazfuscator.NET. Allow me to explain:

0. Unlike CryptoLicensing/Obfuscator, Dotfuscator and many others, cracked copies of it can't be found on the torrent networks (think about this).
1. Brilliantly simplistic to use, never thought it could be so easy and effortlessly integrated into VS. A breath of fresh air.
2. Unlike other obfuscators, Eazfuscator JUST ALWAYS WORKS. I have never had a single problem.
3. Excellent cutting edge obfuscation
4. Code Virtualization: Utterly brilliant technology that makes cracking an app impossible (parts or all of your code runs in a dynamically encrypted virtual machine)
5. Assembly merging: Licensing assemblies can be directly merged and virtualized into your main assembly with no coding (!!!)
6. Perpetual license - no subscriptions
7. Low price: Only $399 and comes with year of support and upgrades (and only $99 anytime you want to add a year of support and upgrades at any time)

Overwhelmingly the best deal around for the quality, stability, reliability, and features it offers. Your app will NOT be cracked if it gets virtualized. This is the sole reason I bought this product, because there is no such thing as obfuscation that keeps an app safe. All obfuscation does is slow down an eventual crack, sometimes only by one day after release depending on the popularity of your software. Code virtualization is the only thing that works. Obfuscation alone is a joke.

On top of obfuscation and code virtualization, I also use strong naming, internalized code that checks for strong naming values in the certificates, and a l large number of differently and confusingly named functions that detect if the code is being stepped through. If so, the app creates a bunch of garbage and intentionally crashes. All obfuscated and virtualized, of course. These create absolute hell on any cracker trying to step through the code looking for licensing code - all of which is virtualized, by the way, so good luck even getting anywhere near that code to begin with. Use "round trip" methods to strip and replace my strong naming certificates and the code won't even start.

Hope this helps.

Highwinder
 
Last edited:
Top Bottom