Linked by fran on Mon 15th Nov 2010 23:36 UTC
Windows Dismayed Windows App developers needed some assurances from Microsoft after news of the following incident got round. They got it.
Thread beginning with comment 450200
To read all comments associated with this story, please click here.
Loading Encrypted assembly
by dvhh on Wed 17th Nov 2010 00:46 UTC
Member since:

What about loading encrypted assemblies, as the assembly loader can load byte array (would require you to load all the assembly data in the memory though, and probably a clever way to store your encryption key). while I think the memory usage might be a little high (if you are using a mobile device), carefully splitting your implementation in multiple assembly might help mitigating the problem.

Obfuscation is one way to hide your implementation, but as there has always been a race between obfucator and de-obfuscator it seems like you will be loosing anyway as you cannot predict if the obfucator you bought would hold long enough, I would prefer encryption.

Reply Score: 2

RE: Loading Encrypted assembly
by Soulbender on Wed 17th Nov 2010 01:02 in reply to "Loading Encrypted assembly"
Soulbender Member since:

I would prefer encryption.

and where would the encryption key be stored?

Reply Parent Score: 2

RE[2]: Loading Encrypted assembly
by dvhh on Wed 17th Nov 2010 02:42 in reply to "RE: Loading Encrypted assembly"
dvhh Member since:

I would say probably into your licence key, or in a system string.
I agree that encryption would give a single weak point, but I would only be cracked by the motivated people. whereas right now disassembling is just a click away (or a few command away anyway). giving one extra step might discourage most of the hacker wannabe.

Even if I am sugesting a solution, I would say giving people a mean to see your code, might give them more confidence in it as they would be more sure that your application is doing what it is suppose to do.

What would be your solution anyway ?

Reply Parent Score: 2