Why You Need Obfuscation

Programs written for .NET are easy to reverse engineer. This is not in any way a fault in the design of .NET; it is simply a reality of modern, intermediate-compiled languages. .NET uses expressive file syntax for delivery of executable code, or MSIL (Microsoft Intermediate Language). Being much higher-level than binary machine code, the intermediate files are laden with identifiers and algorithms that are immediately observable and ultimately understandable. After all, it is obviously difficult to make something easy to understand, flexible, and extendable while simultaneously hiding its crucial details.

So anyone with a freely available .NET decompiler can easily reverse engineer code. Suddenly, software licensing code, copy protection mechanisms, and proprietary business logic are much more available for all to see - whether it's legal or not. Anyone can peruse the details of software for whatever reason they like. They can search for security flaws to exploit, steal unique ideas, crack programs, etc.

This need not be a risk or a showstopper. Organizations concerned with their intellectual property on the .NET platform need to understand that there is a solution to help thwart reverse engineering. Obfuscation is a technique that provides for seamless renaming of symbols in assemblies as well as other tricks to foil decompilers. Properly applied obfuscation can increase the protection against decompilation by many orders of magnitude, while leaving the application intact.

© 2002-2007 PreEmptive Solutions. All rights reserved.