保护资源免受逆向工程的最佳做法 [英] Best practice to protect resources against reverse engineering

问题描述

为了解决对逆向工程或反编译的一定程度的保护，我决定根据所描述的在这里在C ++程序中使用资源， practice1 和练习2 在C＃应用程序中使用C ++ DLL文件。现在，我有两个问题：

In order to address some level of protection against reverse engineering or decompilation, I decided to move the important parts of my C# application including several xml resources into a native C++ DLL file based on the method described here for using resources in C++ programs and practice1 and practice2 for utilizing C++ DLL files in C# applications. Now i have two questions:

1. 这是解决应用程序保护免受反向工程设计适当的解决办法

？
2. 什么是正确的方式返回文本内容在C + +̶̶DLL文件的基础上̶p̶r̶a̶c̶t̶i̶c̶e̶1̶和̶p̶r̶a̶c̶t̶i̶c̶e̶2̶.̶我已阅读̶m̶a̶n̶a̶y̶样品，̶但所有这些，我阅读过说明利用加/减/乘/̶D̶e̶v̶i̶d̶e̶̶f̶u̶n̶c̶t̶i̶o̶n̶s̶̶̶

更新：
我跳过第二个问题问题，而第一个是关于实践的问题。

Update: I skip the second question as might be coding question while the first one is a question about practice.

推荐答案

在DLL中放置文本资源是隐藏资源的技术，而不是保护他们。如果目标是为了保护您免受反向工程设计资源，这种技术只够得上最低，最少的有效措施由默默无闻的安全，这对任何人都没有提供安全的决心破解您最少的资源量。

Placing text resources in a DLL is a technique of hiding resources, not protecting them. If the goal is to protect your resources against reverse engineering, this technique would qualify only as the lowest and the least effective measure of "security by obscurity," which provides no security against anyone with minimal amount of determination to hack your resources.

有关，你需要使用加密，因为自定义密钥加密你的资源需要从任何人试图更高的复杂程度，真正保护任何程度的逆向工程系统。这不会使其完全不可能反向工程系统，但它会做的不够，从你的代码乱搞阻止黑客知识有限。

For any degree of real protection you need to use encryption, because encrypting your resources with a custom key would require much higher degree of sophistication from anyone trying to reverse-engineer your system. This wouldn't made it completely impossible to reverse-engineer your system, but it would do enough to discourage hackers with limited knowledge from messing around with your code.

这篇关于保护资源免受逆向工程的最佳做法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！