Main Site Documentation

TinyCLR binary file security


#1

HI

Is/Will there be a method for protecting TinyCLR files loaded to a board to make it harder to reverse engineer?

If you have any suggestions or questions please let me know…Thanks

Gus50310


#2

This is one of the most requested features and will definitely look into it but it is still too early to talk about this.


#3

Obfuscation should work. I haven’t tried it on TinyCLR but is very effective for desktop .NET app.


#4

Thanks for putting it on the to do list.


#5

Thanks wdlyons for the reply.
I had been considering obfuscation so think I will just go a head and try it.


#6

I’ve been thinking about this as well, as some of the work I’m doing would be good to protect (and potentially required by clients).

The route I was looking in to was storing nothing on the internal memory except a loader and then pulling the code off of a separate code-protected module. But that is complex, makes debugging potentially a pain, and of course increases boot time substantially.

Having code protect features within the framework itself would be a welcome addition. However I suspect this would rely heavily on hardware as well?


#7

I tried obfuscating with RedGate smart assembly and it refused to process a tinyclr assembly,
I have sent in a question to redgate about this, waiting to hear back.


#8

Thanks for the input trent1098s
I was mulling over if adding “self-destruct” code in the release version is possible that would over write as much as possible of the program in memory if say a photo eye detected the enclosure was opened to access the USB port and power was applied. I have to hook up any way to load/develop/debug so would not be that big of deal to reload the program and jumper out what ever the kill input is. I suppose someone intent on sucking out the code and knowledgeable of electronics would be suspicious of photo eyes or cover switches.
Gus50310


#9

Thanks for the reply wdlyons
Bummer on RedGate not working. It will be a few months before I actually need to try different obfuscating solutions myself but am gathering ideas and info until then.
Gus50310