All geek questions in one place

Can a WinRT application use obfuscation?

All Metro applications must be tested before distribution through the Windows 8 AppStore. Does this mean that code obfuscation cannot be used? Or is it still possible, and only some specific aspects will be monitored during such a check?

+6
source share
3 answers

Here are some facts:

  • The marketplace for WP7 allows you to confuse C # applications (even MS he advises doing this), and I see no reason why the Windows AppStore will prohibit such applications.
  • Almost certainly, some vendors will provide a compatible C ++ obfuscator.
  • You must ensure that your customers are not crackers. :)
  • many hacks will be blocked to obfuscate the code.

Remember that if you have some kind of logic that you want to hide, create a web service and use it in your client application. Better spend time creating a better application, fixing bugs, etc.

There are no dice, if someone has access to binary files, it is just a matter of time before someone breaks it.

+5
source

This is an answer to a chair with some things that come to mind:

  • Even a C ++ application can still be anozed if it depends on dynamic binding to the runtime or API, which is the case in WinRT applications. Microsoft could theoretically enable automatic or individual testing of your application using a special sandbox and / or OS interceptors capable of detecting whether your application is trying to perform certain prohibited operations.

  • Under the hood, C ++ applications for WinRT are more like native C ++ applications than C ++ / CLI, so obfuscation is not required to the extent that it is for C #, all other things being equal.

  • You can still create C # applications designed for WinRT, but your code will still be compiled into CIL and run in the CLR (more or less), invoking WinRT through the wrappers provided by Microsoft. Since this is CIL, the issue of obfuscation should be equivalent to the issue of obfuscation in C # /. NET in general.

+5
source

For WinRT, obfuscation is still possible. Validation by the application certification suite covers many aspects, including metadata and IL validation. Just like the old eternity.

+1
source

Source: https://habr.com/ru/post/897863/

More articles:


All Articles