We've discussed this morning the path to go and it's pretty much acquiring a copy of an obfuscator. Still other options were presented.
Eventually, if one does a deep study of the core technologies, one can write their own obfuscators. A good grasp of IL and the CLR should be pretty much what is required. Others pretty much have delineated the path (this particular series
starts here, for instance). Ultimately, no simple feat though; which puts a whole lot of people out.
Obfuscating on our case it's not so much a protection against tampering. Our software will try to make its way into a highly competitive business with a good potential for profit. Our main concern is making it more difficult for the competition, in case someone decided to eyeball our methods. We do want to ensure some form of tampering protection though, since the client systems can be numbered in the tenths for every customer and we need to ensure that our software validation routines have a minimum of protection. Finally there's one third issue. Our software, being a POS and retail management system, must try to offer some protection against hacks meant to fake/alter data. The so-called "zappers" are a real threat on this type of business and on our country and in Europe (our planned markets) if the IRS or social security catch inconsistent data meant to fool the taxes, their first line of response is against exactly the software manufacturer.
The problem for us is the investment of course. 2K may not seem much, but it's already well and beyond our capabilities, if you consider other investments that had to be made to bring this startup to a solid start. It wasn't the case with software (to some extent) since we adopted the Microsoft BizSpark program. But we are paying rent, we are paying 2 other developers, we had to buy computers, we had to buy desks, chairs, ... I think you get the gist; all for a project that is planned to hit the market only by mid April next year. We simply don't have the money anymore. Right around the purchase of the computers, we had to start to pour in our own personal money.
So, for even smaller outfits and for the guy at home planning to develop, not for the enterprise market like we do, but for the consumer in general, .Net lack of any code protection is in my view a real bummer for the adoption of the language. I really trust this to be one of the most motivating factors for .Net development to not be so widespread in the consumer market. I for one cannot conceive developing closed source software in a language like C# for the consumer market without the need to at least give it a minimum of protection against tampering or inspection.