Another Visio programming problem

.NET obfuscator and automated error reporting

Moderators: Luke Jefferson, Alex.Davies, melvyn.harbour

Another Visio programming problem

Postby Roger Billsdon » Mon Aug 02, 2010 5:57 pm

Hi
I've hit another problem, this time it's with sinking custom events raised by Visio. The event sink in my program doesn't catch events raised by Visio if the SmartAssembly pruning option is selected. I was hoping to use pruning to help increase security and reduce program size. As before I tried adding Microsoft.Office.Interop.Visio to the exclusion list for this option, but in this case it made no difference.

Two questions:
1. How secure are programs that are obfuscated without the pruning option?
2. Do you have a whitepaper or any other documentation that describes the various options, the implications of using them or not, and any common problems when using SmartAssembly. At present I'm having to randomly try various options which is a little time consuming and tedious.

Many thanks
Roger
Roger Billsdon
 
Posts: 9
Joined: Sat Jul 31, 2010 8:10 am
Location: Cambs, UK

Re: Another Visio programming problem

Postby nick.maidment » Tue Aug 03, 2010 6:13 pm

Hi Roger,

1. I'm not entirely sure how best to measure that, as it depends on what level of obfuscation you apply. I think the best thing I can do is give you an idea of what code should look like before and after obfuscation. it's detailed here: http://www.red-gate.com/supportcenter/C ... 032210.htm

2. There is a fair amount of information here: http://www.red-gate.com/supportcenter/P ... rtAssembly in the "learning SmartAssembly -> using SmartAssembly section near the bottom of the page
nick.maidment
 
Posts: 74
Joined: Fri Jan 29, 2010 1:55 pm

Postby Roger Billsdon » Wed Aug 04, 2010 6:37 pm

Hi Nick

Many thanks, but I'd already read through those.

Because all the SmartAssembly help topics are all marked "Help content is still under construction" I thought maybe you might have some additional content (even if it's only in draft form) that was a little more specific to the pruning or interop problems I'm hitting?

Best regards
Roger
Roger Billsdon
 
Posts: 9
Joined: Sat Jul 31, 2010 8:10 am
Location: Cambs, UK

Postby Paul.Martin » Fri Aug 06, 2010 12:33 am

With regard to 1) - depending on your coding style pruning is mostly a code optimization process rather than a security process.
The main times it will increase security is when you have code with testing hooks, future/obsolete functionality. However it will always improve security of metadata only elements like properties and events (which only exist as metadata and are only there as pointers to the underlying get/set/add/remove methods).

Have you excluded the event sink itself from pruning?
Paul.Martin
 
Posts: 83
Joined: Wed Feb 03, 2010 11:20 am
Location: Cambridgeshire


Return to SmartAssembly 5

Who is online

Users browsing this forum: No registered users and 0 guests