[Mono-dev] Mono and Obfuscation

Jonathan Pryor jonpryor at vt.edu
Fri Feb 2 06:04:19 EST 2007


On Thu, 2007-02-01 at 16:38 +0100, APS wrote:
> I agree with you but my boss insist to find some level of protection 
> from reverse engineering at least at some core library and I was 
> investigating about how to do that.

As an alternative to obfuscation, use encryption.  You can encrypt an
assembly, decrypt it into memory, and then use Assembly.Load(byte[]) to
load the decrypted assembly.

This isn't a "real" solution for a number of reasons (people will be
able to decrypt the assembly themselves, as the key will need to be
bundled with your app; system memory & possibly the SWAP file will
contain the decrypted contents; anyone with a debugger will be able to
attach to the process in order to view the decrypted memory, etc.), but
it's more portable than code obfuscation, and the same problems also
apply to code obfuscation (people can always debug the process and view
the JIT-generated code to see the unobfuscated assembly).

 - Jon





More information about the Mono-devel-list mailing list