Inventor Customization

Inventor Customization

Reply
Active Contributor
liminma8458
Posts: 33
Registered: ‎07-28-2009
Message 1 of 5 (228 Views)

Security concern: how to prevent DLL addin from reverse-engineering?

228 Views, 4 Replies
09-24-2012 10:36 AM

We create a greate deal of DLL addins for Inventor using microsoft VB.NET.  The code security is very important to us. I hear certain program such " Lutz Roeder's Reflector " can reverse engineer the DLL assemblies and get the actual code from it. This would cause concern when we deploy the DLL to various users.

 

So, is it true that DLL from VB.NET (or C# and C++) is so vulnerable from reverse engineering? if yes, what is any practice to add security to it?

 

It is a surprise there is no message in this forum on this imporant issue. Hope someone can help out or shed a light on that.

 

Thanks a lot

Mentor
matt_jlt
Posts: 218
Registered: ‎07-28-2007
Message 2 of 5 (214 Views)

Re: Security concern: how to prevent DLL addin from reverse-engineering?

09-25-2012 01:24 AM in reply to: liminma8458

You are correct about the code being reversable and there are lots of programs to achieve this.

There are some things you can do do protect your addins but there is nothing stopping someone with enough skills from bypassing any security you use.You have to weigh up if it is worth protecting your addins as it requires more time & effort and if you go for a third party solution, cost is an issue.

 

Here are a few things you can do that will provide some basic protection.

 

* Compile using the signed dll option (I don't do this because it's a pain updating & installing etc.)

* Use obfuscation (google for more info, lots of software to choose from)

* Use a built in protection of your own design (this won't provide much security unless your a codeing genius [which I am not ] but at least it will provide a deterrent for someone who just tries to flat out copy and paste the addins)

* Use a third party protection (lots to choose from but make sure it is implemented correctly as the weak point in a lot of third party software is how people implement it)

 

I use a basic serial number protection for only a handful of my addins and the rest I don't bother because it's not worth the extra time for me to do it and I share them around anyway.

 

Hope this info helps you out. Google is your friend on this one, plenty of info out there.

Regards, Matt.

Active Contributor
liminma8458
Posts: 33
Registered: ‎07-28-2009
Message 3 of 5 (203 Views)

Re: Security concern: how to prevent DLL addin from reverse-engineering?

09-25-2012 07:08 AM in reply to: matt_jlt

Matt,

 

Thank you very much. Your information is very helpful.

 

Looks like I have to add some disguised code or take out all the comments to make the possible-reversable code more difficult to follow. Is it another way?  ^_^

 

Thanks again

 

 

ADN Support Specialist
xiaodong.liang
Posts: 1,335
Registered: ‎06-12-2011
Message 4 of 5 (178 Views)

Re: Security concern: how to prevent DLL addin from reverse-engineering?

10-10-2012 10:31 PM in reply to: liminma8458

Hi,

 

I do not see more ways than Matt advised. You may need to google to choose the way which is best to you.



Xiaodong Liang
Developer Technical Services
Autodesk Developer Network

Mentor
bsee1
Posts: 212
Registered: ‎11-14-2011
Message 5 of 5 (172 Views)

Re: Security concern: how to prevent DLL addin from reverse-engineering?

10-11-2012 04:47 AM in reply to: liminma8458

It is my understanding that code that is reverse engineered using these tools will already have the comments removed.  The comments are of no use to the compiler, and therefore not compiled into the .dll or .exe you are creating.

*****************************
Win7 x64 - 16gb ram
i7 3610qm
FirePro M4000

Inventor 2013
ETO 6.1
Post to the Community

Have questions about Autodesk products? Ask the community.

New Post
Announcements
Do you have 60 seconds to spare? The Autodesk Community Team is revamping our site ranking system and we want your feedback! Please click here to launch the 5 question survey. As always your input is greatly appreciated.