esposito Posted October 10, 2003 Author Posted October 10, 2003 (edited) Divil: this Remotesoft .NET Protector sounds very interesting and, to a certain extent, it guarantees continuity with former versions of VB producing self-sufficient applications. It is true that, as AlexCode pointed out, it's quite expensive ($1899 for 1-5 users) but, if it prevents hackers from stealing your code, it is certainly worth the price. AndreRyan: (1) I'm afraid Microsoft are quite reluctant to extend the .Net platform to other operating systems, since this would probably threaten the monopoly of Windows. So I just wouldn't care about cross-platform compatibility. (2) Using EULAs would not stop hackers from decompiling your code. You definitely need to resort to more drastic measures to protect your software: it would be ingenuous to expect a honest behaviour from programmers used to practising reverse engineering. (3) You are probably right when you say that a decompiled VB.NET executable is not easy to read but this would not stop someone from modifying the graphic interface of your software, rewriting some code that he or she can understand and taking advantage of your work. AlexCode: I know VB.NET is much more powerful that VB5/6 but, for the kind of software I produce, all the new functions offered ny the .Net platform are superfluous. For the moment, I'll continue to write my software in VB5. In the meantime I want to do some practice with VB.NET and experiment with Remotesoft .NET Protector to see if it is worth the price. A final question: don't you think Microsoft have been unfair depriving millions of VB programmers of an extremely user-friendly tool, forcing them to learn a much more complicated programming language (that's what VB.NET is) which can only be installed on Windows XP and produces executables as difficult to penetrate as HTML files? Have Microsoft thought about the possibility they could lose millions of customers who may prefer to switch to a different programming language, such as the latest version of Macromedia Flash MX, rather than try to sell applications that, to be run, need the presence of a very cumbersome framework? Edited October 10, 2003 by esposito Quote Pasquale Esposito Perugia - Italy http://www.geocities.com/espositosoftware
*Experts* Volte Posted October 10, 2003 *Experts* Posted October 10, 2003 Microsoft doesn't need to compete with Macromedia Flash. That idea is laughable. Maybe for small hobby programmers Flash is decent, but let's see you create a business enterprise which depends on Macromedia Flash. .NET can be installed on anything >= Windows 2000, not just Windows XP, and Microsoft specifically designed .NET to be potentially cross platform. The framework is not cumbersome for anything except downloading, and as new versions of Windows become more widespread (Windows 98 has already been obselete for a long time, we can't keep supporting it) it will become less so. Microsoft haven't deprived millions of VB programmers. VB6 will be supported until something like 2008, and people are free to program in it if they want. It's not like they just made it stop working. Bottom line: if you don't want to use .NET, don't use it, but I think the pros outweigh the cons when it comes to alternatives. Quote
AlexCode Posted October 10, 2003 Posted October 10, 2003 I like this discussion ! :D I've some things to comment your last post... (1) - The Cross platform implementation isn't on the MS side... I think you don't know that you already can make your code on a Windows based machine and have good warranties, that it will run on a Linux machine! It's called PRoject Mono... it's a Framework for Linux... and as this one that already works very well there must be someone developing something alike to Mac environments... It's just a matter of someone build a framework to do so... (2) - VB.net isn't harder than VB5... specially VB5!... It's simply diferent, it's a OOP language witch VB5 isn't. VB5/VB6 was ment to be OOP but is far, very far from that... Once I got my hands on VB.net when I got to change some old code in VB6 it's a headache... (3) - On the contrary of what you said... I never saw so much developers, developing on MS languages... So many forums, so many people spending their spear time developing VB.net or C# apps... So many people leaving C++ or Java or Cobol to a real RAD language, where u can do anything you put your mind to in less time... I son't think it's the best it could be but it's improving... (4) - Are you comparing Fash Mx with the .net platform? Tell me why is JAVA so wide distributed! Doesn't JAVA have a "Framework"????? Only the name is diferent... they have called it "Virtual Machine" dispite of that... I don't see any diference... (5) - Here I was going to teach you the benifits of the Framework but I'll leave it to a next post... :D Quote Software bugs are impossible to detect by anybody except the end user.
esposito Posted October 10, 2003 Author Posted October 10, 2003 I would very much like to use VB.NET for my commercial software, but first I have to sort out that problem about security issues. You haven't probably seen the latest version of Macromedia Flash MX yet: you can now manage any kind of database, so it is no longer a programming language for the Web only. Macromedia themselves said it is their intention to take advantage of the millions of former VB programmers who don't feel like upgrading to the .NET philosophy. If Microsoft designed to make .Net cross platform, why isn't the .Net framework available for any other operating systems yet? What if a new programmer would like to buy VB6? There's no way you can get it, unless you resort to piracy. Don't you think Microsoft should make VB6 available since it has very little to do with its "successor" VB.NET? As you can see, there's no freedom to program in VB6. Microsoft doesn't need to compete with Macromedia Flash. That idea is laughable. Maybe for small hobby programmers Flash is decent, but let's see you create a business enterprise which depends on Macromedia Flash. .NET can be installed on anything >= Windows 2000, not just Windows XP, and Microsoft specifically designed .NET to be potentially cross platform. The framework is not cumbersome for anything except downloading, and as new versions of Windows become more widespread (Windows 98 has already been obselete for a long time, we can't keep supporting it) it will become less so. Microsoft haven't deprived millions of VB programmers. VB6 will be supported until something like 2008, and people are free to program in it if they want. It's not like they just made it stop working. Bottom line: if you don't want to use .NET, don't use it, but I think the pros outweigh the cons when it comes to alternatives. Quote Pasquale Esposito Perugia - Italy http://www.geocities.com/espositosoftware
AlexCode Posted October 10, 2003 Posted October 10, 2003 Wanting to buy VB6 now it's just like wanting to buy a new Win98... :) Things have to move ahead. I don't agree with many stategies of MS but this one I support 200%. I don't know how it is there in Italy but here in Portugal are many developers stuck in languages like Cobol that just can't make one step foward... and so their companies are drawning with them... Every Prog language have its time and developers have to look ahead... ahead is like 4... 5 years ahead... Do you see yourself developing win apps in VB5 4 or 5 years from now?? Give me a break... :D Quote Software bugs are impossible to detect by anybody except the end user.
whosyodaddy Posted October 11, 2003 Posted October 11, 2003 Well, a freind of mine creates real good programs, private, for security, you have to have this 'key' plugged into your computer, yes, it is a physical object. Those key's are the safest bet... and each 'key' is designed only for your computer's special number that it assigns. So one person can't hand that key to somebody else. Quote
*Experts* Volte Posted October 11, 2003 *Experts* Posted October 11, 2003 How does it work? Is it a CD/Floppy with a special file, or some sort of special USB/serial device? Quote
AlexCode Posted October 11, 2003 Posted October 11, 2003 Here r some comercial apps that use that... the PCB is inside a 25 pin connector (like the one of the printers) and works fine but... and there's allways a but... It doesn't solv this problem here... It only protects the program from running, doesn't protect it from beeng reversed... :D Just a final comment: There is at leat one company distributing keys like those... but if you serch on the net there's also a app that simulates the key ! :D Cute isn't it?!?!? :D Quote Software bugs are impossible to detect by anybody except the end user.
AndreRyan Posted October 11, 2003 Posted October 11, 2003 To point out a particular point from my previous post, .Net is potentially cross-platform and even if an app is running on Windows it can make use of special features and optimizations that are avaliable on the computer the software is running on. Like on an Intel processor the program may be compiled natively using cmov/fmov instead of mov or something like that(I'm not an assembly programmer but I assume the special mov commands are faster versions of the normal one). The obfuscator from remotesoft is difficult to deobfuscate since there doesn't appear to be any trace of the original names plus the obfuscator optimizes the program a little by removing some commands that may not be needed. You can try encrypting your .Net apps if you want. Write a VB5/6 App that decrypts files using a custom encryption algorythm then the user runs the decrypter which gets the EXE out and you can run it then delete the EXE at the end of the session. This will make it impossible to use the Reflection functions though so it's no good if you're using plugins. Quote .Net allows software to be written for any version of Windows and not break like Unmanaged applications unless using Unmanaged procedures like APIs. If your program uses large amounts of memory but releases it when something else needs it, then what's the problem?
whosyodaddy Posted October 11, 2003 Posted October 11, 2003 Here r some comercial apps that use that... the PCB is inside a 25 pin connector (like the one of the printers) and works fine but... and there's allways a but... It doesn't solv this problem here... It only protects the program from running, doesn't protect it from beeng reversed... :D Just a final comment: There is at leat one company distributing keys like those... but if you serch on the net there's also a app that simulates the key ! :D Cute isn't it?!?!? :D Yea.. but in order to get the program you pay for the key, so why do that? You can't get pirated copies off of the net or file sharing because he sells private... only to major big time companies. Quote
jorge Posted October 11, 2003 Posted October 11, 2003 You can still get vb6, it still on msdn, And i agree, a good programmer can rewrite an aplication faster than a very good hacker can decompile it. e.g. i had on old vb6 project i made when i was 12(i'm almost 16 now), i lost the code, but i rewriten it in about 15minuts, becouse mu knoledg has improved over 3 year, so why cant a experieced programmer recreate msn or somthing? and why is it so important that some one has your source code? Most of my apps are opensource, it help other programmer get smarten and new id's, personaly i'd love to see some one use my code. I would very much like to use VB.NET for my commercial software, but first I have to sort out that problem about security issues. You haven't probably seen the latest version of Macromedia Flash MX yet: you can now manage any kind of database, so it is no longer a programming language for the Web only. Macromedia themselves said it is their intention to take advantage of the millions of former VB programmers who don't feel like upgrading to the .NET philosophy. If Microsoft designed to make .Net cross platform, why isn't the .Net framework available for any other operating systems yet? What if a new programmer would like to buy VB6? There's no way you can get it, unless you resort to piracy. Don't you think Microsoft should make VB6 available since it has very little to do with its "successor" VB.NET? As you can see, there's no freedom to program in VB6. Quote Jorge - http://www.blackdot.be/?page=apache.htm
AlexCode Posted October 11, 2003 Posted October 11, 2003 Hey jorge... I never aggreed with esposito but you're too much open source :D! Quote Software bugs are impossible to detect by anybody except the end user.
jorge Posted October 11, 2003 Posted October 11, 2003 Well maybe, lol, i'm just a hobby programmer, and i don't care about making money(yet) i gues i'll change in a few year when i'm out of school i wand to make my living out of it, so they OS goes byebye -- back on topic -- Would a debug build be harder to decode than a release build like it is in c++? Quote Jorge - http://www.blackdot.be/?page=apache.htm
AlexCode Posted October 11, 2003 Posted October 11, 2003 I presume you're talking about VS.net C++ ... If it is... the ILDasm works the same way on both compile methods as also all the other revense engeneering apps out there... Quote Software bugs are impossible to detect by anybody except the end user.
AndreRyan Posted October 12, 2003 Posted October 12, 2003 ILDASM can't decompile native sections of C++ Apps so the Managed section comes out but the Unmanaged needs to be dissassembled seperately. Debug builds are larger than Release builds because they contain debug symbols but it shouldn't be any harder to decompile. I was MSDN yesterday and they say that they packaged dotfuscator in VS.Net 2003, there was also a feature list which described a special overrloading system used in the obfuscated files so that almost everything is renamed to "A" and makes the decompiled code difficult to recompile because the Assembler is not supposed to be able to understand correctly. With obfuscators you can preserve .Net's features but make the code almost impossible to understand. The renaming method also can't be undone(deobfuscated). Quote .Net allows software to be written for any version of Windows and not break like Unmanaged applications unless using Unmanaged procedures like APIs. If your program uses large amounts of memory but releases it when something else needs it, then what's the problem?
wildfire1982 Posted October 24, 2003 Posted October 24, 2003 Heres a quick question for you all. Im just moving from vb6 to .net and one of you mentioned earlier about storing sensitive informations like passwords in the exe. Say i was to log into a remote database, where would you all suggest to keep the passwords\url's\usernames etc? Somewhere encrypted but you really wouldnt want to have to code a completely new section just to store the details whereas in older versions of vb it was more safe to just use it in the exe. Any thoughts? Quote Chris
AlexCode Posted October 24, 2003 Posted October 24, 2003 I think the safer way it's to store it in an SQL Server database... Quote Software bugs are impossible to detect by anybody except the end user.
Administrators PlausiblyDamp Posted October 24, 2003 Administrators Posted October 24, 2003 Was never that safe to store them direct in the EXE in older versions of VB (or in an EXE from any language) without doing something to hide them. Also it is a lot more secure to store a hash of the password rather than an encrypted version - with encryption there is always a small chance it could be recovered. Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.