Jump to content
  • Advertisement
Sign in to follow this  
xpnctoc

The Value of "Obfuscators"?

This topic is 4601 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I recently posted about my intent to take a game I had started developing in C++ 6.0 and moving it over to .NET. One respondant brought up the point about the easy-decompilation nature of .NET assemblies. Can anybody speak to the value (or lack of value) of obfuscators? How good are they at preventing decompilation? What is the effectiveness of the "Dotfuscator" edition that comes pre-packaged with VS.NET versus a third-party obfuscator. Finally, if I want to be that protective of my source, should I bother with .NET, or stick with 6.0? Thanks.

Share this post


Link to post
Share on other sites
Advertisement
This only applies to C# code, afaik. With Visual Studio .NET (also called VS7.1, etc), you can still write unmanaged, non-.NET framework C++ code. This code will compile to a regular PE .exe format.

Are you thinking of moving from C++ to C#? Or just from VS6.0 to VS8.0 (the Express Edition or VS 2005 Standard or something (a good idea anyway since 6.0 is pre-standard C++)?

Share this post


Link to post
Share on other sites
Why are you so keen to protect your source code? Surely it is not going to be usable to anyone else because:

- They aren't going to be able to use it legally anyway because you'll retain its copyright
- Decompiled code won't contain comments or documentation
- Your data are all copyrighted anyway and it won't work without it
- They won't have documentation on your data formats etc

What exactly, is the advantage of someone being able to read your source code?

If it's to prevent unauthorised modification, it's flawed as well, because hackers will attack code even if it's native-compiled anyway. Unless you run on a platform with inherent DRM (Xbox live?), then you should expect your code to undergo unauthorised modifications.

They can still carry out various forms of multiplayer hacks, without modifying or viewing the code, notably in-memory modification of data which is essentially impossible to defend against.

Mark

Share this post


Link to post
Share on other sites
Quote:
Original post by markr
They can still carry out various forms of multiplayer hacks, without modifying or viewing the code, notably in-memory modification of data which is essentially impossible to defend against.

Actually, this is a Pro for using .NET, thanks to .NET including a level of memory protection.

I would suggest to the OP to get on MSDN and start reading. There are tons of articles on .NET, on its internals, on every-question-you-could-ever-have.

Share this post


Link to post
Share on other sites
Quote:
Original post by jpetrie
Are you thinking of moving from C++ to C#? Or just from VS6.0 to VS8.0 (the Express Edition or VS 2005 Standard or something (a good idea anyway since 6.0 is pre-standard C++)?


That's a whole separate issue (see my post called "MC++ vs. C#). I am very up in the air on that whole issue. I am, however, leaning toward a mix -- keeping performance-critical code and the more complex algorithms in C++, and moving some of the low-priority and utility items into C# for the easier programming. Either way, I'm planning on refactoring the entire program before I add the final set of features to it.

Share this post


Link to post
Share on other sites
Quote:
Original post by markr
Why are you so keen to protect your source code? Surely it is not going to be usable to anyone else because:

- They aren't going to be able to use it legally anyway because you'll retain its copyright
- Decompiled code won't contain comments or documentation
- Your data are all copyrighted anyway and it won't work without it
- They won't have documentation on your data formats etc



Good points. I also read on an older thread where someone said that unless you have a ground-breaking algorithm (which I don't, as far as I'm aware), there's really nothing that someone can't copy anyway -- even if by coding from scratch based on observation.

Marketing my game was never a consideration until several weeks ago (this has been an on-and-off project for me for 2 years). While I'm not new to programming, I am new to potential widespread distribution. As such, these are issues I am now considering. And since this has been my baby for 2 years, I'm probably overly protective about it. Even so, I'd rather at least have some level of protection and make it as difficult as possible to copy.

I guess in the end I just have to good graces of the majority of programmers -- who are far too busy with their own projects and innovations to worry about copying what's already been done.

Share this post


Link to post
Share on other sites
Hi,

I know good Obfuscators exist for Java. I realise you are now probably thinking "Java, does he have the mind worms? I'm asking about .NET!" but hold on there skippy!

Back to my point. Good Obfuscators for are Java are actually able to rearrange Bytecode improving its runtime effiency and memory footprint/size on disk.

I am not sure how similiar MSIL is to Bytecode, but I assume good .NET Obfuscators would be able to do similiar wonderful things.
My main point being using an Obfuscator can have other added benefits to just making your assemblies harder to reverse engineer.

If you are interested, purely for knowledge, I can find and paste some links to articles about the Java Obfuscators, as for .NET you are on your own there :P


- Chris

Share this post


Link to post
Share on other sites
Fact.
If someone would like to get and algorithm from an heavily encrypted and obfuscated machine code, with antidebug features, he would get it. If someone would like to modify such code, the worst thing you could do to him is forcing him to modify it into standalone version.

If you'd like to enforce something else you'd violate right of customer, and crash several other programs. (Some of them that unimportant like sheduler and possibly kernel...) It would be very likely your program would be unexecutable anyway, and possibly recognized as virus. Some kernels are attempting to verify the program, so antidebug features could do problems to them as well.

Fact about obfuscators in Java.
Sometimes they will mangle JIT so much it would badly compile the program, because it's unable to recognize that pattern anymore, sometimes if they are abusing some known bug they would create nonexecutable code (You'd find it few years later when that bug would be repaired.). Theirs main value is for 4KB code contest. You know that contest where contestants are stripping away the main method because they would save 4 bytes. (BTW Java programs could run without main method.)

And sometimes when you'd obfuscate your code, and then decompile, you'd see much more readable version of your source code... (Of course no comments, but if you didn't do them in first place...)

Share this post


Link to post
Share on other sites
I have said this on other forums and might as well say it here, you are not going to keep hackers from cracking your code. Doesn't matter what you do, with current technology the hackers will always win, you might slow them down and let them have some fun by giving them a challange but they will still crack it and they will release it on to the web.

So keep the honest folks honest and don't think about stopping hackers because you won't. So spendyour time on your program and not on anti-hacker code.

theTroll

Share this post


Link to post
Share on other sites
Quote:
Original post by markr
Why are you so keen to protect your source code? Surely it is not going to be usable to anyone else because:
- ...
- Decompiled code won't contain comments or documentation
Mark



if im not mistaken, the compiled .NET has the comments inside too

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!