从逆向工程保护我的代码 [英] Protecting my code from reverse engineering
问题描述
作为类似的问题这里和<一个讨论HREF =http://stackoverflow.com/questions/71195/should-you-obfuscate-a-commercial-net-application>这里我要保护我的代码从逆向工程。
As discussed in similar questions here and here I want to protect my code from reverse engineering.
My situation is as Simucal describes in his (excellent) answer here:
基本上,它归结为是
你有被
针对源盗窃的唯一机会是,如果你
有一些非常具体的,很难
工程师,算法与您的
区,让你一条腿在你的
的竞争。这只是对
只有时间将是高性价比的
尝试反向工程应用中的一小
部分。
Basically, what it comes down to is the only chance you have of being targeted for source theft is if you have some very specific, hard to engineer, algorithm related to your domain that gives you a leg up on your competition. This is just about the only time it would be cost-effective to attempt to reverse engineer a small portion of your application.
我正好有这个情况。硬工程师算法,它是优雅和有价值的我们的特定领域。
I have exactly this situation. A hard to engineer algorithm which is elegant and valuable for our specific domain.
花费数月时间进行微调和发展这一最终结果后非常紧凑(约100行代码)和优雅。我要保护代码的特定部分通过反向工程或者至少使其合理困难。
After spending months fine tuning and developing this the end result is very compact (approx. 100 lines of code) and elegant. I want to protect this specific part of the code from reverse engineering or at least make it reasonable difficult.
的场景是用C#编写的富客户端应用程序,我有部署这部分代码 - 我不能从web服务执行它
The scenario is a rich-client application written in C# and I have to deploy this part of the code - I cannot execute it from a webservice.
我想提取的代码,并在非托管本机二进制重写它是不是由于一个选项性能方面的原因(和跨边界问题)。
I think extracting the code and rewriting it in a unmanaged native binary is not an option due to performance reasons (and cross boundary issues).
起初,我想要做简单的模糊处理,但考虑到代码的规模较小,我不认为这将提供更多的保护。
Initially I wanted to do simple obfuscation but given the small size of the code I don't think this will offer much protection.
在理想情况下,我想保护我的整个应用程序,但那里似乎使难以用普通obfuscaters和第三方包装机的两个主要问题是:
Ideally I would like to protect my whole application but there are two main issues that seem to make ordinary obfuscaters and 3rd party packers difficult to use:
-
应用程序提供一个插件接口,因此一些组件(和接口/类)不应该模糊,包装
The application offers a plugin interface and therefore some assemblies (and interfaces/classes) should not be obfuscated and packed
我们还是希望能够收到错误报告时,得到一个真正的堆栈跟踪 - 可能可以这样做我的映射混淆到真正的代码
We still want to be able to get to a real stack trace when receiving error reports - potentially this could be done my mapping obfuscation to the real code.
设置这些问题不谈(虽然我将不胜感激这个问题,以及任何输入),什么是保护来自逆向工程我的代码一小部分的好方法?我不担心任何人改变或黑客攻击的代码,但要使它难以理解和反向工程了。
Setting these issues aside (although I would appreciate any input on this as well), what is a good way to protect a tiny part of my code from reverse engineering? I am not concerned about anyone altering or hacking the code but want to make it difficult to understand and reverse engineer it.
推荐答案
您应该混淆完整的代码,因为它变得更难达到小有价值的部分。代码变得越小,就越容易理解它。大多数的混淆器不应该乱用公共接口,因为有许多混淆的图书馆在那里。
You should obfuscate the complete code since it gets harder to reach that small valuable part. The smaller the code gets, the easier it becomes to understand it. Most obfuscators should not mess with public interfaces since there are many obfuscated libraries out there.
不过,我想你应该宁可说服用户,有没有特别的技巧有,而不是试图将其隐藏。引用凯泽Soze,最伟大的把戏魔鬼曾经拉是说服世界,他不存在。
However I think you should rather convince users that there are no special tricks there instead of trying to hide it. To quote Kaiser Soze, "the greatest trick The Devil has ever pulled is to convince the world that he doesn't exist".
当然,你可以随时提交专利你的发明和法律上保护自己。
And of course you can always file a patent for your invention and protect yourself legally.
这篇关于从逆向工程保护我的代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
