Should you obfuscate a commercial .Net application?

Question

I was thinking about obfuscating a commercial .Net application. But is it really worth the effort to select, buy and use such a tool? Are the obfuscated binaries really safe

Answer 1

Yes you definitely should. Not to protect it from a determined person, but to get some profit and have customers. By the way, if you reach a point here someone tries to crack your software, that means you sell a popular software.

The problem is what tool to choose for the job. Check out my experience with commercial obfuscators: https://stackoverflow.com/questions/337134/what-is-the-best-net-obfuscator-on-the-market/2356575#2356575

Answer 2

Yes, we do. We use BitHelmet obfuscator. It's new, but it works really well.

Answer 3

I've had success putting the output from one free obfuscator into a different obfuscator. In Dotfuscator CE, only some of the obfuscation tricks are included, so using a second obfuscator that has different tricks makes it more obfuscated.

Answer 4

But is it really worth the effort to select, buy and use such a tool?

I found Eazfuscator cheap (free), and easy to use: took about a day. I already had extensive automated tests (good coverage), so I reckon I could find any bugs that are/were introduced by obfuscation.