When you were describing debugging obfuscated code I was thinking.. "hey.. that's what my normal code is like"!

I really feel bad to know that people are literally stealing your paid course material. You put a lot of effort making those

Just wanted to stop a minute and thank you for your videos :) really well done and very clear.

A very logical overview of a subject I've pondered previously. Great to get the thoughts of a more experienced developer. Much appreciated, thanks.

Very interesting discussion. We develop software for the Financial and Banking industry and are forced to pen test our software. We have successfully used Wibu Codemeter for years now. Very fast to protect. Anti tamper/anti debug and runs on all current desktop and server os’es. Licensing comes as a bonus. I used HASP in the 90’s for some FORTRAN cad software but this is just light years ahead. Keep up the great work.

It's incredible how right you are as always. You have always help me not with only learning some new programing language, but being a better person and provider. I'm impressed of your words because 2 years ago I loose a client because obfuscating my app, antivirus detected as a malware because of very high encrypted method, I couldn't change his mind it was the security level of my app. Thank you Corey, long life.

Thanks! If u can please have a tutorial about licensing, and preventing app from used freely.

Thanks for your advice on this topic.

One of the best videos I've ever seen in my life. Great explanation and great pronunciation. Best Regards Tim Corey

I looked into the whole issue of this years ago for my vb and c# apps and came to the conclusion that there's no totally secure way if someone really wants to hack you, as the cost and hassle outweighs the risk (at least for me) so decided obfuscation was the only realistic way forward for me as a small developer to provide at least some security. You need to know your market, who would pirate it, and is it worth their time, what about new features, how many customers etc, basically all the points Tim makes, so sensible as always Tim, & thanks for confirming my own thoughts. GL

Someone told me their experience: decompiling one feature from a scientific program to see how they did it was ~1600 lines and took about 16 hours. Implementing it from scratch with the research paper once the method was known took about 2 hours. That's 16 hours of figuring out variables, figuring out dependencies, imagining code that didn't decompile correctly, and working through generated Windows Forms code.

I'm glad you were upfront with people - if it runs on an external computer - someone who is determined to, can reverse engineer it, no matter what. It's just a fact and any products claiming otherwise are misleading.

Thanks For Sharing.

Simply great !

Thank you for raising this topic. Now I know the comments' opiniond on obfuscating. yes obfuscating protects from cracking the internal logic but sometimes makes performance go down or the worst, untraceable bug. Nowadays, more hackers can still bypass protection

I wouldn't worry about this topic anymore, because: - nowadays all of the apps are served (or relatively easy to make it) by a backend (even it's a web, mobile or desktop app), so all of the business data and logic are in a secure place. The client app serves as a presentation layer simply. So if anyone wants to steal my colors, styles etc.. Good luck, let's do it.. - Furthermore there are some "law" considerations (especially if you are coding as a 'business'). It's more a b2b thing but it may protects versus the dirty competitors. - Finally me as an user never use 'hacked' software. Who can change an app by removing certain restrictions also able to add malicious code. So as an user I wouldn't take the risk to save a couple of dollars by putting my system in a danger.

Hi Tim, can you please make a tutorial on Reporting solutions and which one to use when? Like we use Crsytal Report, but want to move on to a modern solution. Should we go for RDLC or SSIS or PowerBI - I am confused. Also detailed course on Crystal Report or PowerBI or SSIS or RDLC are much appreciated.

Hi! I would like to ask you, how do you keep the versioning coherent between your web API software and stored procedures?

Tim is 100% right you aren’t going to stop decompilation

You are great sir. Love you

Paying customers will always pay for your apps even when they get cracked. Non paying thieves will always steal no matter what.

Thanks so much!!!

thank you for your good video and it's a shame that some people steal your work ..

I belong from country where piracy is norm. Man i use to do it also. But as i progressed in software development i came to know it is really hard to develop every thing content, games, softwares Pay for them if you can. No i happily pay for softwares, games books etc. One thing i have noticed being in third world countries most content publishers have no idea about bad currency conversion rates we have to suffer from. Only steam provide a regional pricing that make us buy game in good prices. I have spoken my heart. I am against piracy now. Tim may God Bless you. Excellent content as always.

Hi Tim, Thanks for the video

Just a question from your EF Core video (not sure anyone ever answers on old videos so). What is your opinion of writing async data layers vs non? That could be a discussion to compare pitfalls and benefits of both approaches.

Hi Tim, could you create a video under the Dev Question series on the importance of having a side project while learning .Net. Also would be better to point out some direction on what all sample things we can develop, also how can we squeeze out time to do that in the midst of our daily busy schedule of work/family time etc.?

Hello Tim, thank you as always. any updates on Xamarin Course? do you have future plans for flutter?

Hi Tim, Thanks for this one. Useful as always. Maybe someday something on the subject "desktop client vs web client"? :) I think it would be an interesting topic to cover.

best way to protect your code it to constantly work on it. If u update your app consumers will follow newest update and decompilers will stay behind

Very good video

can C# be compiled to machine code to run on a server? or is it always JIT?

So, if I made a site in blazor webassembly, and we use c# code in the .razor pages, is it possible for the user to see that c# code?

200K loading... Great video as always!

Hey tim, great video. What kind of decompilstion software exist? Ilspy is a good one to look into dlls, i but would actually like to try to compile a program and try to reverse engineer it. Have a good one

Hi Tim, can you please do a tutorial of the pricing structure for C# desktop application? Or maybe how to price a desktop app and cloud app subscription ? Thanks

Not expected this much theory 😎. I always admired Tim for the practicals in his videos but things are changed.

Hi Tim, thanks for all of your videos I really do appreciate them and they've been really helpful. My question here is apart from 'ADVANCED INSTALLER' is there any other tool I can use to build my c# desktop apps to production? Love from Sierra Leone 🇸🇱🇸🇱🇸🇱🇸🇱🇸🇱🇸🇱🇸🇱

Thanks

With a language like C# that is semi-compiled (jitted languages) it's almost impossible to stop. C++ you can obfuscate the code a bit more, but people can still decompile as it has to be able to run as machine code anyway as he says you can never fully protect your code.

So let's say if I wanted to make a competitor to Adobe Photoshop using C#, it would be pointless to sell because anyone could just decompile & remove the activation check? Obviously it has been done for the actual Adobe Photoshop several times so there is no foolproof method, but definitely choose another language to code such a product?

I think the obfuscation from red-gate are probably the best ones, or at least the most difficult to decompile after the fact.

I like how your courses are a good price and with all the extra youtube videos on top of it it's well worth the money. I did the blazor server course and am thinking about doing some C# ones. One video that would be nice to see is an expansion on the blazor server authentication topic. So using the template authentication option but then scaffolding it out so you can integrate your own modifications or coupling that up with another database for those of us who don't want EF for the entire project. Of course this is just my personal dilemma as I'm going to start an entirely new project soon and want to do it in blazor :)

I was just about to obfuscate. hahahah. Thank you for preventing me messing with my self :D

The same idea is applied to safes. They're rated by how long it takes to break into them.

Did you do a deep drive into Unit Testing already?

Hi Tim, What is Microsoft.Identity.Web and How to use it? Thanks

What about using tools such as NGen for pre-compiling .NET assemblies?

I think the key is to differentiate between those who pirate for industrial purposes to make money and the ignorant user who thinks the are doing nothing wrong. The latter can always be encouraged and nudged to do the right thing while the first shold be hunted down by authorities.

Tim calling out the Defense Contract Management Agency (DCMA)

Sometimes wish people would just know the definition of obfuscation: to make deliberately obscure. Obfuscating code is just making it obscure. If it is in public space you must assume it has been hacked.

What about Wibu codemeter or sentinel hasp ?

does partition or 2 parties or 3 parties solve that?

When Native AOT becomes wide spread, wouldn’t using that in your applications make it harder to decompile, due to your c# compiling into native code rather than the IL

it is very easy to decompile applications today with tools like DNSPY and then saving as a VS project if there is no protection ............protected your code and well being use VMP or thermidia with a mixture of self written string obfuscation to hide strings from memory and try as they will its just not worth the time at that point to decompile your programs because youd need to get rid of all the virtualization from the program and anti debug and anti tamper then decompress it then the string obfuscation ontop of it

The best way to prevent decompilation of your project?Have it open source! :P no-one will bother if they just have the source code!

Does C# compile to machine code?

Random thought: I remember the creator of Leisure Suit Larry (unless you were a kid in the 80's - keep walking) saying his game was the most pirated piece of software ever. This was not his armchair opinion but a verifiable fact because he sold 10 000 copies and 6 MILLION hint books. Lol.

My code is so smelly noone would want to reverse engineer that 😂

I'll just write trash code so no one wants to steal it but work really hard at marketing it so people buy it. Viable solution? Perhaps...

WebGl 2.0 / former open gl got more security.

Anything can be reverse engineered.

i don't understand why compilers won't obuscate by default since its inneficient storing long variable property names lol

If they would have just gotten proper AOT compiling on .NET 5... This video would have been pointless. How about a C# -> C++ transpiler? And it's DRM. You can use the DCMA to sue them when doing it :)

Tim you're kind of over exaggerating how hard it is to decompile and rebuild an application. I've done it to applications built by big tech like Oracle and I'm talking about projects that are absolutely massive and still it takes me at MAXIMUM a day.

12:21, I have to respectfully disagree. If thousants of people buy my software, then impact of piracy is generally much less. Not in value, but in percentage which is mainly the thing.

"dont hurt the people who are buying your software" hahaha reminds me of the first application i ever released the licensing v1.0 was hell, so i created a software to handle all that, right? and after it successfully licenses the software it deletes the licensing dlls in order to prevent the customers from redistributing the software, cant say i am proud of that, but on some level.. yeeeeeah

Impossible ! Cracking c# apps are too easy, no matter what obfuscation... Virtualization will make it annoying but...

Video starts at 3:00

if(code == "decompiled") DeployAssassinDrones();

this guy needs to work at ubisoft

I opened a you tube channel and found my videos in an Indian compilation So i closed the channel I think it was stupid cause if people's stealing from you it means you have value. Can't stop it Just as you said make it more protected

1.25X playback speed

Bad intro voice...

Preventing desktop apps piracy is impossible, so don't bother your self at all.