|
khalil.kamel wrote: I want to encrypt my source code how can this be accomplished.
Why would you do so?
In between, there are many encrypting tools available on internet.
Manas Bhardwaj
Please remember to rate helpful or unhelpful answers, it lets us and people reading the forums know if our answers are any good.
|
|
|
|
|
I want it to be encrypted on the client side. I do not want the user to see my source for security purposes
|
|
|
|
|
Why would they be able to see your source code ? Do you mean via reflection ? You're going to have to spend some serious money to buy a tool to precompile your .NET app so you don't use MSIL.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
Then don't give it to them.
|
|
|
|
|
LOL - I assume he's talking about reflection.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
The standard answer:
You can't stop someone from decompiling your code while still letting them execute it. You can "obfuscate" it (Which just changes the variable/method/class names to random junk) to make it difficult to understand, and you can encrypt any strings you store in it (While obfuscating the decryption key), but nothing is foolproof.
If someone is determined to read your code and is willing to put in the time and effort, they can do it.
|
|
|
|
|
Ok Guys it seems that i used some wrong terminology , once i was working on a web application when my PM did something suddenly when i right click on view page source there was nothing related to the page source. This is what i want to implement in my new application. Hope i explained it.
|
|
|
|
|
You're getting a lot of responses here. It seems to me that you have no idea what you're doing.
1 - right clicking on a web page lets you view the HTML, not the source code.
2 - the code your PM did to stop right clicks, is useless, anyone can defeat it
3 - there's nothing similar in a non web app, because it doesn't use HTML
4 - anyone can read your source code ( unlike a web app ), using reflection
5 - you can use free obsfucators, but free or commercial, they won't stop anyone determined
6 - you can spend a lot of money on tools that remove your source code,
7 - odds are high that it's not worth the effort.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
khalil.kamel wrote: for security purposes
Security by Obscurity[^] does not provide real protection.
Furthermore, if you are talking about your executable, what do you think encryption it will do? How could you expect the CPU to run code that it does not know? Unless it decrypts it first, but the user has the same knowledge as the CPU, which now apparently includes all information necessary to decrypt it, so you gain nothing.
[edit]Ok I starting posting before that last post of yours. The same principle applies. How does the browser know what to render if it doesn't have the source?
|
|
|
|
|
What am talking about is i do not want the client when he clicks view page source to view the javascript functions the control ids and so on...
|
|
|
|
|
So was I, in the part after the edit. How do you expect the browser to execute encrypted JavaScript, without decrypting it first? You couldn't decrypt it first, because that would mean giving away the decryption code on a silver platter.
|
|
|
|
|
Well I swear i know what are you saying and i do not know what did that person did but i really want to know how did he did it. Does any body has any suggestion?
|
|
|
|
|
From your description in the other post, all your coworker did was remove the "View Source" option from the menu, probably using a javascript function.
This is not secure. It's just aesthetic. It only makes it a little more difficult to view the source, NOT impossible.
|
|
|
|
|
|
|
I have a suggestion of how to make it "slightly harder" to quickly see all JavaScript: put the real code in a base64-encoded string, decode that and write that to the page in a normal function that people can see.
It won't stop a hacker, but it may stop the bored school kids who have nothing better to do than messing around with people's sites.
Don't rely on it.
|
|
|
|
|
You can override the context menu to "hide" the view page source option, but it won't remove it from the browser menu. There is no way to completely remove the ability to view the page source because it must be sent down in a way that the web browser can interpret and display it.
"WPF has many lovers. It's a veritable porn star!" - Josh Smith As Braveheart once said, "You can take our freedom but you'll never take our Hobnobs!" - Martin Hughes.
My blog | My articles | MoXAML PowerToys | Onyx
|
|
|
|
|
ok but how these things can be accomplished
|
|
|
|
|
Well, not with C#, that's for a start. Shouldn't you take this over to the web development forum? You'll possibly want to ask about doing it in jquery while you're over there, or disabling the right click.
"WPF has many lovers. It's a veritable porn star!" - Josh Smith As Braveheart once said, "You can take our freedom but you'll never take our Hobnobs!" - Martin Hughes.
My blog | My articles | MoXAML PowerToys | Onyx
|
|
|
|
|
Ok thanks i will post it on the other forum thanks for helping me guys but as a last question you are saying that to do what i am asking for i should use jquery not C# code. Right?
|
|
|
|
|
You need to use Javascript for this, not C#. Suppose I wanted to view your webpage on a Linux distro - how would you stop me from viewing the source there?
"WPF has many lovers. It's a veritable porn star!" - Josh Smith As Braveheart once said, "You can take our freedom but you'll never take our Hobnobs!" - Martin Hughes.
My blog | My articles | MoXAML PowerToys | Onyx
|
|
|
|
|
JavaScript it is , thanks. I will post it in the other forum.
|
|
|
|
|
khalil.kamel wrote: i should use jquery not C# code
Again, it's clear you are clueless. The odds of you writing code anyone would want to steal, are low. You CANNOT replace C# with jquery. Your C# code is the only thing that's secure here. It's on the server, and the user can't access it.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
khalil.kamel wrote: Does any body has any suggestion?
Ask the person who did it
only two letters away from being an asset
|
|
|
|
|
I will do so but first i wanted to search before i ask thnx anyways
|
|
|
|