Protecting your work is difficult protecting, especially if you’re a relatively small start-up, trying to generate an income and there is no affordable way to protect your applications from being pirated.
Unfortunately, the preceding sentence is also quite a common excuse for developers not protecting their work.
What are our options when this situation arises?
Not much from a developer perspective, but there are quite a few useful tools that may be worth a look.
First, the Developer Perspective
As mentioned in a “Protecting Visual Basic .NET Source Code and Applications,” a relatively old article of mine, here are some options developers could implement to protect their code and applications.
Obfuscation is the process of scrambling the symbols, code, and data of a program to prevent reverse engineering. Obfuscation tools mangle symbols and rearrange code blocks to foil decompiling. They also may encrypt strings containing sensitive data. It’s important to understand that obfuscators (as they exist today) can’t completely protect your intellectual property. Because the code is on the client machine, a really determined hacker with lots of time can study the code and data structures enough to understand what’s going on. Obfuscators do provide value in raising the bar, however, defeating most decompile tools and preventing the casual hacker from stealing your intellectual property. They can make your code as difficult to reverse engineer as optimize native code.
Encryption is the process of translating plain text data (known as plaintext) into something that appears to be random and meaningless (known as ciphertext). Decryption is the process of converting ciphertext back to plaintext.
To encode plaintext, an encryption key is used to impose an encryption algorithm onto the data. To decode the cipher, a user must possess the appropriate decryption key. A decryption key consists of a random string of numbers, from 40 through 2,000 bits in length. The key imposes a decryption algorithm onto the data. This decryption algorithm reverses the encryption algorithm, returning the data to plaintext. The longer the encryption key is, the more difficult it is to decode. For a 40-bit encryption key, over one trillion possible decryption keys exist.
There are two primary approaches to encryption: symmetric and public-key. Symmetric encryption is the most common type of encryption and uses the same key for encoding and decoding data. This key is known as a session key. Public-key encryption uses two different keys, a public key and a private key. One key encodes the message and the other decodes it. The public key is widely distributed whereas the private key is secret.
Trial applications allow only a specified limit in which the application can be used. Once the time limit expires, the application is unusable.
CryptoLicensing For .NET
CryptoLicensing for .NET is a licensing solution for any .NET application, including:
- Windows Forms
- WPF applications
- Console apps
- Components and controls
- ASP.NET applications
- .NET Core and .NET Standard assemblies
- XNA and Xbox games and libraries
- Windows Services
LimeLM lets you offer trials for your applications, track conversions of your apps, and sell your apps in many ways, including:
- Per-site basis
Infralution Licensing System is .NET solution for licensing the following:
- .NET Applications
- Controls and Components
- ASP.NET Web Applications
- ASP.NET Web Components
- Universal Windows Platform (UWP) Apps
- Universal Windows Platform (UWP) Components
Other Tools Worth Mentioning
Last, but not least, here are some other tools worthy of your time:
Not all methods are perfect or cheap, but as a developer or a software house, you must put methods in place to protect your work and products.