Categories
Dotfuscator

Presenting Dotfuscator 6.5: Major Maintenance Update!

Reading Time: 2 minutes

PreEmptive is pleased to announce the release of Dotfuscator 6.5, a tool used by software developers to protect code from hacking and reverse engineering.

The version 6.5 update is a big one. It addresses various .NET Core, .NET 5, and cross-platform support items, fixes various bugs, and improves performance of the licensing system that was introduced earlier this year. We’ve added new static and dynamic code transforms and injected runtime checks to ensure security in all stages of the development process. We also amplified defense against de-obfuscators and de-compilers.

 

 

Dotfuscator at a Glance

Dotfuscator is a DevSecOps tool that protects .NET applications from reverse-engineering and hacking. Using static and dynamic code transforms and injected runtime checks, Dotfuscator obfuscates source code on .NET, Xamarin, and Windows Platform Apps. It integrates into the development build process and operates on the .NET Intermediate Language. Dotfuscator Professional supports .NET, including .NET Core, .NET 5, Xamarin, and Mono.

For more information, check out Dotfuscator 101. It’ll walk you through its features and show how the program provides ironclad security against common (and uncommon) software development vulnerabilities.

 

 

 

New Features & Fixes in Version 6.5

The release notes provide fully detailed information about the updates in this version, which include: 

  • Simplified license key use
  • Improved subscription checks  from the license server
  • Status messaging for Dotfuscator CLI and MSBuild integration users
  • Added support for NuGet packages
  • Improved V2 license verification
  • Compatibility with both forward and backslashes
  • Accelerated Dotfuscator GUI build time
  • dnSpy detection
  • Improved support for Nullable Reference Types
  • Updated Xamarin Android Tamper Check to use new APIs
  • Sample project showing how to use Dotfuscator with Azure DevOps
  • Additional samples for non-Windows environments
  • Tamper and Debugging Check for .NET Core 3.1 and .NET 5 apps

 

 

Upgrade or Download a Demo Today!

Every organization developing .NET software needs Dotfuscator in its development process. Data breaches are no longer a maybe. They happen every day to companies of all sizes in all industries. If you don’t protect your code at the onset, you risk becoming just one more data breach statistic.

 

PreEmptive Dotfuscator has been the leader in In-App security since 2003. We serve clients of all sizes, including enterprise and Fortune 500 companies in medical, government, and other industries. This release is supported for licensed users as described in the release notes. We encourage you to upgrade your software to enjoy the new features. And if you haven’t tried Dotfuscator yet, request a demo today.


Categories
Dotfuscator Support Corner

Protecting Windows Forms Applications with Data Bound GUI Controls

Reading Time: 3 minutes

Today we will focus on data binding, but first let’s define this. Data binding allows Windows Forms applications to display and update UI controls from a data source, without having to modify source code for the control itself. 

When protecting Windows Forms applications, it is important to note how the data bound controls are constructed to determine if they will be impacted by code obfuscation.  If the controls bind to a collection of objects, original property names of that object must be preserved to correctly populate “DisplayMember” and “ValueMember” properties of the control.  When binding controls to an Enum, the original names of its members must be preserved, or the GUI control might show obfuscated names.  On the other hand, if we’re binding directly to a database table (and the table does not map to an object in source code), we don’t need any custom configurations because Dotfuscator does not mangle table and column names.

Consider the Following Example:

This simple Windows Forms application has three UI controls with different data binding techniques: a DataGridView binds to a Customer table in a database, a ListBox binds to a collection of Employee objects, and ComboBox binds to an Enum called DaysOfWeek:  

If I obfuscate with project defaults, I experience a runtime error at app startup:

This occurs because original property names of the Employee object are used in “DisplayMember” and “ValueMember” ListBox properties:

            listBox1.DataSource = employeeList;

            listBox1.DisplayMember = “Name”;

            listBox1.ValueMember = “Department”;

To Avoid the Runtime Error:

First, I’ll open my project configuration file (DotfuscatorConfig.xml) in the Dotfuscator Config Editor, and set a Rename exclusion for the properties in the Employee object:

After configuring this Rename exclusions, the application starts without the runtime exception, but the “DaysOfWeek” ComboBox appears with obfuscated names:

In order to fix this, I will configure a Rename exclusion for the members of DaysOfWeek.

After providing this Rename exclusion, the app starts without any issues or erroneous behavior.  Please also note the DataGridView, which binds to the Customer table in our database, did not require any Rename configuration to start and display correctly.

Conclusion

There are several different ways to use data binding in Windows Forms applications.  We’ve seen a few ways that data bound controls can be impacted by obfuscation.  If you experienced a runtime crash or erroneous UI behavior after applying obfuscation, please use the above steps to resolve the issue. 

The full example can be downloaded here.

If you have any feedback on this topic or other topics you would like us to discuss in the Support Corner, please feel free to contact our Support Department.

Categories
Dotfuscator

Surgical Theater Protects their Medical Applications with Dotfuscator

Reading Time: 3 minutes

Surgical Theater Protects their Medical Applications with Dotfuscator

How It All Started

How is flying a fighter plane similar to performing neurosurgery? They have more in common than you’d think. In 2005, Monty Avisar and Alon Geri, two Israeli fighter pilots were assigned to work with Lockheed Martin to build a $50 million F-16 Flight Simulator program for the Israeli Air Force to improve hand-eye coordination skills for their pilots during combat. Avisar took on the role of project manager and Geri served as senior engineer; the project was a success.

Categories
Dotfuscator

Dotfuscator 6: The Next Era of Dotfuscator

Reading Time: 2 minutes

In the months since we released the Dotfuscator 6 beta, we’ve been hard at work finishing the feature set, fixing issues, and putting on the final touches in preparation for the full release. Now, we are happy to announce the full availability of Dotfuscator 6! 

Categories
Dotfuscator

Building on a Mac with Dotfuscator 6 In Azure DevOps

Reading Time: 4 minutes

PreEmptive is dedicated to protecting your apps, wherever and however they are built. Our recent release of the Dotfuscator 6.0 beta adds cross-platform support, allowing you to protect your application on other platforms besides Windows. This allows for intuitive integration into Xamarin.iOS projects on macOS.

Categories
Dotfuscator

Dotfuscator 6.0 Beta: Entering the Next Era of Dotfuscator

Reading Time: 3 minutes

Dotfuscator 6.0 is now available, with cross-platform support and more!

Categories
Dotfuscator

Highlights From .NET Conference 2019

Reading Time: 2 minutes

PreEmptive has partnered with Microsoft for 16 years and we’ve been involved with .NET since before version 1.0 shipped. From that perspective, it’s hard for us to pinpoint a time where the energy and enthusiasm in the .NET community has been higher than it is now. Over the past few years, Microsoft has put together the annual .NET Conf, completely online with viewers, participants, and local events all over the world. The event is virtual and streamed live over three days. 

Categories
Dotfuscator

Is your Mobile App GDPR Compliant? Learn how to secure your App

Reading Time: 5 minutes

Before I start, I would like to thank PreEmptive for inviting me to write a guest post.

I would like to start my blog with a discussion about the growing cyber threats all over the world. I assume readers are well aware of cyber threats and how they are addressed by people, process, and technology.

Categories
Dotfuscator

Are Xamarin.Android app users at risk?

Reading Time: < 1 minute

In a recent developer survey, Xamarin.Android developers were 50% less likely to have included rooted device detection or anti-tamper prevention as their Java Android peers were. Yet, both sets of apps are being deployed through the same marketplaces onto the same devices and are governed by the same regulations (PCI, GDPR, HIPAA to name just a few that expect these kinds of controls).Why are more Xamarin.Android apps going unprotected?

Categories
Dotfuscator

It’s Never Been Easier to Automate Your Builds With Dotfuscator Professional

Reading Time: 2 minutes

Whether you’re using Azure Pipelines, TeamCity, Jenkins, or your local dev machine, Dotfuscator Professional is easier to integrate than ever before.

Last August, we released an easier, better way to integrate Dotfuscator into your build process. We quickly followed that with new instructions for Xamarin integration – making Dotfuscator the easiest-to-integrate (and still most-effective!) Xamarin protection product, by far.