Obfuscation

One of the things that has always made me nervous is the security of my .Net applications. I was apprehensive of the potential for someone to decompile my .Net programs. I have always wondered why Microsoft developed such a powerful framework and yet left it open to prying eyes. Why didn't Microsoft provide any tools (at least I am not aware of any tools) to protect the .Net assemblies? Well all is not lost. Thank goodness to 3rd party obfuscation and protection software. I used one such software to obfuscate my startup manager program and it worked out pretty good.

{smartassembly} is a great software to obfuscate .Net programs and assemblies. I used {smartassembly} to protect my startup manager program. The user interface is very simple. The protection process is very intuitive. The software simplified the protection process by presenting the options in a straightforward and easy to understand manner. There are several options to protect the assemblies. I was able to obfuscate the control flow of the program and encode strings in my program. I was able to add extended protection to my program by adding incorrect metadata to confuse decompilers and to prevent decompilation by ILDASM.

One useful feature I found was the capability to embed dependent assemblies where in you could embed dependent assemblies in your main assembly. I was able to take and embed three of my assemblies into the main program and not have to worry about dealing with many assemblies during deployment and runtime. This greatly reduced the number of assemblies I had to deploy with my application.



The size of the obfuscated program was less than the original program. I tried to open the obfuscated program in ILDASM but the program would not open. This was due to an option I selected in {smartassembly} to prevent from being opened in ILDASM.

















I then opened the obfuscated program in Lutz Reflector. The obfuscated program opened but the program was obfuscated and decompilation of the program would be next to impossible. As can be seen from the screenshot strings, classes, methods are obfuscated and classes were automatically sealed. This level of obfuscation makes it very difficult to understand and decompile the program.




{smartassembly} is not just an obfuscator but also provides several extended protection and optimization features such as memory management, pruning to reduce the size of the assembly, compressing, dependency merging and resource compression. Using the string encoding feature I was able to obfuscate sensitive strings that reveal intellectual information. This is a good feature to prevent decompilation of strings that may contain proprietary information. My application uses a lot of resources where icons are one of them. I was concerned about the size of the application but by using the resource compression feature I was able to compress the resources in the application.

Overall not only was I able to achieve protection for my application very easily but also improved and optimized the code, size and performance. I wouldn't have it any other way. For additional information on {smartassembly} please visit the website by clicking on the following link: http://www.smartassembly.com/

Startup Manager

Introduction

After many near sleepless nights I believe the time has come for me to publish the first release version of my newest software application. This is a moment to cherish as it turned out to be better than what I had expected. I will make the software application available pretty soon but before that I’d first like to talk about it.

This is obviously the first release of this software application but I feel that for a first release this is not bad at all. I will obviously add many more features and capabilities in the future releases. This software application will eventually be an all in one utility that will address all the needs of a computer user ranging from managing the installed programs to maintaining the computer itself. At the present moment this software application is a startup manager that allows a user to maintain and manage programs that are set to startup (run) automatically when a user logons to the computer. It is imperative to know what programs are going to run automatically so you can prevent unwanted programs from running automatically and potentially cause damage to your computer.

My objective in developing this software application was straightforward: simple yet powerful. Typically, it is a challenge to make a right blend of these two qualities. It is hard to make something powerful and not make it complex and lose its simplicities. Conversely, it is hard to make something simple and still have powerful capabilities. Simple is inversely proportional to Powerful. I have tried my best to get the mixture right in order to provide a rich user experience.

As can be seen from the screen capture below the application uses the latest Ribbon UI to give a professional look and feel yet making it easy for the user to work with the program. There are basically three sections in the application window. The topmost section is the toolbar section, the larger middle section is the startup list section and the bottom is the detailed information section. Let’s look at each of these sections one by one.




Toolbar

The toolbar section contains a toolbar with all the required commands to manage the startup programs. See the screenshot and the table below for the list of commands.

• Add Startup Entry: Allows user to add a new program to startup automatically
• Delete Startup Entry: Allows user to delete an existing startup entry
• Disable Startup Entry: Allows user to disable a startup entry and thereby prevent the referenced program from starting automatically
• Refresh Startup List: Refreshes the startup list
• Run Startup Entry: Runs the program referenced by the selected startup entry
• Hide Detailed Information: Allows user to show or hide additional information about the program referenced by the startup entry
• Expand All: Expands all tree nodes
• Collapse All: Collapses all tree nodes
• Expand Selected: Expands the selected tree node
• Collapse Selected: Collapses the selected tree node
• Configure: Allows user to set startup manager settings
  

The “add startup entry” and the “configure” commands actually display a popup where the required information can be entered before the actual command is executed.

Startup List

The startup list section lists the startup programs and their associated information. See the screenshot below.

This list is grouped by the type of the startup entry. For instance startup programs for all users in registry are grouped separately from startup programs for the current user in registry. The tree nodes should be expanded to view the startup programs. Users can navigate the list and edit startup program list by clicking the drop down box on the node in the Run Command column. Optionally, users can perform a lot of actions such as delete a startup entry, enable or disable a startup entry, run a startup entry, etc. by invoking the commands from the toolbar.

Detailed Information

The detailed information section is provided to show additional information about the selected startup program in the startup list section. See the screenshot below for the information shown in this section.



Wrap Up

This program is different than others in the market because it provides a simple UI, consistent look and feel, single UI i.e., user does not have to navigate away to other windows to do a task, unified and organized view of information where user does not have to go back and forth between multiple controls. Of course, I plan to expand this application and add many other new useful desktop utilities in the future releases that will make this application even better. In the coming days once everything gets settled down and after I do some housekeeping then I will post a roadmap. In the meantime please leave your comments.


Demo