Page 4 - Review: Eschew Obfuscation? Maybe You Shouldn't.

Review: Eschew Obfuscation? Maybe You Shouldn't. - ' Worth The Money'
( Page 4 of 4 )

?">

So, Is It Worth The Upgrade?

The best parts of Dotfuscator Professional 2.0 are its excellent integration with VS.NET, overloaded induction, string encryption, the break ILDASM feature, flow logic obfuscation, support for incremental obfuscation and debugging, and support for the Compact .NET Framework. In addition, Preemptive includes excellent samples, help documentation, and a year of support and upgrades.

But it's not perfect. Dotfuscator Professional does not include maximal obfuscation out of the box; it should. You have to read the help files to turn on some of the features, such as string encryption, breaking ILDASM, and overloaded induction. The company acknowledged that this might need to be changed; a spokesman said, “Break ILDASM is off by default, but it could probably be on as a default setting.” For maximal obfuscation in your apps, see “Step 4 - Configuring the Project” in the Standalone GUI Quick Start help documentation.

Another modest setback is that Dotfuscator Professional is its cost. At $1,495, the price might be a bit steep for small development shops and independent contractors, but a Standard Edition is available for smaller budgeted development shops. The flip side is that you need Dotfuscator only on a build machine, so those without larger corporate budgets will only need one or two copies, putting it within the more modest budgetary constraints of even one-man shops.

The Standard edition is available for $395, but for that price you will have to give up compacting and pruning, support for the Compact .NET Framework, control-flow obfuscation, induction, incremental obfuscation, string encryption, and the ILDASM break feature. If you really want to prevent tools like Reflector from decompiling your code, you need the professional version's features.

Intermediate language, Just-In-Time compilation to support security checks as well as multi-language support, and a single linker are here to stay, because security is the biggest software risk we have. Unfortunately this means that decompilers and disassemblers are here to stay too, putting your intellectual property at risk.

A prudent rule of thumb is to make obfuscation as identifiable a part of your software development process as is analysis, design, coding, and testing. If you can't afford to throw away your company's competitive, intellectual property then you will want to obfuscate your assemblies before shipping them. Dotfuscator Professional is a slick proposition.

	Discuss Review: Eschew Obfuscation? Maybe You Shouldn't.

	>>> Be the FIRST to comment on this article!



	>>> More Add Ons Articles >>> More By Paul Kimmel


Contact us \| Advertise \| Site Map
	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| White Papers \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| System Builder
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep Use of this site is governed by our Terms of Use and Privacy Policy
	Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. DevSource is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. Microsoft is a registered trademark of The Microsoft Corporation.