-
MS forces open source?
At the rah-rah event, they talked about what happens when your finished programs are distributed. Basically sounds like it amounts to sending out the assembly (the CLI and the metacode or whatver it's called), and that's run w/ the .NET framework. Well... If the person on the other end has VS.NET (and consequently, the disassembler) won't that just be like giving your code away?
-
I am not 100% sure about this but I think that CLR scrambles all your varible and function names to something totaly unreadable and also removes all the comments. Tests been showing that even the easiest program get totaly impossible to read and understand when this happens. Atleast thats what I think I read.
-
Well, it wasn't completely scrambled when they showed it yesterday... He just open it as a test file... I'm sure the comments and stuff come out... I guess it's not a lot different than using a normal disassembler to break an exe into ASM...
-
Still very interesting. I wonder if there is compiler settings for how you want the clr to be scrambled. I would not be supprised to see new and improved dissamlers out there because technicly your shiping the recipie(sp) for your program.I haven't really played with anything of that yet. Opens up some neet prospects for crackers.
-
> technicly your shiping the recipie(sp) for your program.
Yeah, but the more I think about it, the more I realize it's the same thing as distributing your code as an exe...
-
True but it sems to me that the CLI is a higher level language then Asm so there for it should be easier to read it. It stil probably would be faster and better to just figure out what you want to do and write the code instead of trying to reverse engineer someone else code.
-
> It stil probably would be faster and better to just figure out what you want to do and write the code instead of trying to reverse engineer someone else code.
Well yes, it would, if you were intending to do something legit. This had a whole bunch of people at the event scared that their code was going to be stolen, since the CLI's just in a text file.
-
So does the dissasembler actualy take it all the way back to C#? And how readable is it? I haven't seen it myself.
-
It doesn't take it back to the native language, although I do believe it's readable (I was in the back and couldn't see exceptionally well)
-
So it could be possible to disassemble the code. Do some cracks. recompile it back to CLI and be a happy thief. Sounds like that would be a huge concern for almost everyone. I have a hard time to belive that MS would base the code integrity on the scrambling alone. Although it would be hysterical if MS missed a huge security issue that couldn't be fixed without rethinking the whole .NET project.
-
I think it's pretty easy to read the IL, here's a release build. See if you can guess what it does -
Code:
.method private hidebysig static void Main(string[] args) cil managed
{
.entrypoint
// Code size 11 (0xb)
.maxstack 8
IL_0000: ldstr "Hello, World!"
IL_0005: call void [mscorlib]System.Console::WriteLine(string)
IL_000a: ret
} // end of method Class1::Main
-
Oh... wow.... That's no good at all...
-
If that is as secret as it will get I know my next project will be in unmanaged C++. It is also interesting to see a MS reference in the code [mscorlib] sense MS claims the IL to be totaly system independent
-
> It is also interesting to see a MS reference in the code [mscorlib] sense MS claims the IL to be totaly system independent
Maybe (probably) that refers to something in the .NET Framework.... It may be system independent, but it still needs the framework..
-
Thats a good assumption but if IL and the NET framework is supposed to be an independent standard submited to a standard organisation(don't remeber the name) I wouldn't think it should have references to MS. Kinda like you don't see any references to AT&T on C++. Maybee I am making an emu out of an egg here but I like picking on details