Friday, October 19, 2007

How to protect ur code

Obfuscation

Obfuscated code is source code that is (usually intentionally) very hard to read and understand. Some languages are more prone to obfuscation than others. C, C++ and Perl are most often cited as easily obfuscatable languages. Macro preprocessors are often used to create hard to read code by masking the standard language syntax and grammar from the main body of code. The term shrouded code has also been used.

There are also programs known as obfuscators that may operate on source code, object code, or both, for the purpose of deterring reverse engineering.

Obfuscating code to prevent reverse engineering is typically done to manage risks that stem from unauthorized access to source code. These risks include loss of intellectual property, ease of probing for application vulnerabilities and loss of revenue that can result when applications are reverse engineered, modified to circumvent metering or usage control and then recompiled. Obfuscating code is, therefore, also a compensating control to manage these risks. The risk is greater in computing environments such as Java and Microsoft's .NET which take advantage of just-in-time (JIT) compilation technology that allow developers to deploy an application as intermediate code rather than code which has been compiled into machine language before being deployed.

for dot net there a tool called 'Dotfuscator' which provides ways to protect ur code from being disassembled in a human eye readalbe format, the way reflector.exe does disassabled all the dll & exe.

Example :- open reflector.exe in reflector itself. U'll see that all names will be displayed as '[]', and u'll not be able to link and find references between classess.
the logic behind having '[]' is to replaces all named things with '?'.

refer :

Based on these way there are also belief that developer can speed up the code upload in case of scripting languages by removing white space charaters form the code.
You can make a short program which will read all files with specifc extension like '.js' and edit the file, before deploying them.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)