On Wed, 2004-09-08 at 17:47, Joshua Tauberer wrote: > In defense of the original question, here's a real world situation I > have had to deal with: > > I am involved in commercial software that has an extremely small market, > but the software is very valuable (i.e. pricey). Thus, each purchase of > the software is very important, and it is critical that copies of the > software cannot be freely made. We use various technological techniques > to prevent unauthorized copying, in a variety of natively compiled > languages. > > However, none of these techniques would be practical under .NET, as it > would be trivial to circumvent any copy protection scheme that I know of > implemented in .NET (putting aside obfuscation). Without a copy > protection scheme, venturing into a .NET version of our software could > mean the end of new sales of the software.
Well, you could always ship encrypted assemblies, decrypt the assemblies at runtime, and use Assembly.Load() on the decrypted bytes. Of course, this doesn't protect against anybody running your app inside of a debugger, trying to sniff for the decrypted assembly, but it should complicate thing significantly, assuming that you have a secure key system in place to encrypt/decrypt the assemblies. In the future, you could always rely on NGSCB/Paladium, and decrypt the assembly into protected memory, which would prevent a debugger from viewing the assembly. Alternatively, you can always write your normal libraries and use P/Invoke to wrap them for use in .NET, using your standard copy protection scheme for the unmanaged code. However, the unfortunate truth is that even highly optimized unmanaged C/C++ code is not enough to prevent copies or reverse engineering, *if* someone is willing to spend enough time/resources on breaking things. The most you can hope for is to slow things down, hopefully enough to dissuade the attacker. - Jon _______________________________________________ Mono-list maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/mono-list
