Securing your code .net assembly code
I want to present some ideas for how you can secure your coded .net application.
.net assemblies /executable contain instruction codes and some data about data that is contained in them that is relatively easy to de-compile with tools available in market like Dot Net reflector.
Tools like Dot net Reflector can de-compile the assembly and it shows the code that is nearly the same as the original code of the .net assembly. If our Application contains some critical code/secret code that we don't want the user to see then we can do that using tools like reflector.
So what we can do to protect our .net code?
We can do following things.
| Implement Server based solution like Web Service or Asp.net application when you implement this type of solution your solution can be accessible by browser so there is no chance that user can see the code of assemblies. |
| When you feel that it's not possible to use Server based solution, use obfuscator that is shipped with Visual Studio 2010 that can rewrite your code such that it's hard to understand and follow by reverse engineering. |
| If your application contain some secret code then put that secret code in Native DLL and call that methods that contain secrete code with P/Invoke . |
Note: - approach 2 and 3 can still can be decoded by application cracker who is much better in skill.