Very easy decompilation

#1 Yes, we've thought about that. The last time i messed with obfuscation, though, a few years ago with Java, it was hard to set up and kind of irksome to deal with. Then people in with the release build would send you bugs with mangled stack traces that were impossible to interpret...to the point where I went through a lot of effort to right a utility that dumped out a mapping of mangled name to unmangled name so that I could read some of those traces.

Its probably gotten easier than that, though. Anyone recommened a good obfuscator?

I doubt native assembly code generation will work on the Xbox, but I might be wrong about that.

#2 Will anyone without full source actually be able to run the code on there 360? I have heard mixed things, the one thing i have heard consistently is that in order to share your game you will have to share your code as well and it will be compiled on the spot by the person you wish to share it with and then loaded to there xbox.

This lead me to the conclusion that unless the person you share your game (source) with has Torque X installed they will be unable to load it on there xbox. However for PC you can just hand out compiled versions.

If i am in fact i am wrong and we will be able to distribute our stuff in .dll form to people so they can run it on there xbox's then i'm sure only managed code will run which means that any serious Obfuscation will be pointless unless portions are converted from managed to assembly, and in order for the assembly to run it will have to be signed by microsoft.


So in short as long as its managed code it can be "dis-assembled" and if its un-managed code it will need to be signed by Microsoft to run on a 360. Also im vague on if you can actually distribute .dll's or if full source is needed to distribute a game to someone else's Xbox.

#3 They don't need to 'install' TXE, they just need the binaries, which GG gives away free.

You have to provide binaries, but I don't think you have to provide full source, but it's been awhile since I read up on that part of it.

#4

Quote:
Q: How exactly can I share my 360 game to other 360 users? Will my game only be available to people with the XNA "Creators Club" subscription? Will it be available to all 360 users that have an Xbox Live account?
A: There is currently no supported way to share binaries on the Xbox 360. Currently, there are four requirements that must be met in order to share a game targeting Xbox 360 which is developed with XNA Game Studio Express.

1. The individual you are planning to share the game with must be logged in to Xbox Live and have an active subscription to the XNA Creators Club
2. The receiving user must have downloaded the XNA Framework runtime environment for the Xbox 360
3. The receiving user must have XNA Game Studio Express installed on their own development PC
4. The game project, including all source and content assets, must be shared with the receiving user. The receiving user then compiles and deploys the game to their Xbox 360.

from
msdn.microsoft.com/directx/xna/faq/

which means unless Microsoft and GG have some special signed code thing going, how does your XBox 360 know that TorqueX is "special" and it doesn't need the full source to that too. (as per #4 above). How can your 360 tell the difference between TorqueX and Paul's Awesome XBox 360 Hack/Game ?


**edit can't have spaces in [url] tags**

#5 Good catch. Survey says.... ?

#6 As far as the installation of the XNA Framework onto the XBox360, that appears to now be in place with the latest update Microsoft pushed down to the systems through Xbox Live recently.

#7 @JohnQ -- as far as obfuscation is concerned, if you have a professional or better version of VS.NET 2K3 or a version of VS.NET 2K5, you have the community version of dotfuscator already [http://www.preemptive.com/index.html]. XML serialization issues will exist if you obfuscate, since the obfuscated names of your types and their members will be serialized to/from disk. You can prevent your serialized types from being obfuscated, however. Bear in mind that there is a performance penalty to pay for certain obfuscation methods. You can find the dotfuscator community edition off the Tools menu in VS.NET 2K5 if you want to play around with it and see what it does...

HTH

#8 I personally use Spices.NET. www.9rays.net/Products/Spices.Net/
There are lots of obfuscation tools out there, but I like Spices.NET for several reasons.
1. If I send them an assembly that breaks something, I usually get a bug fix in 24-48 hours. (It is however, somewhat buggy. I'd try the eval version before purchase just to make sure it works well enough for you. They fixed about 3 bugs during my 4 day eval, and they fix every bug I send them so quickly I don't worry about it too much.)
2. It allows de-obfuscation of the stack trace.
3. It also has decompiling into J#, VB.NET, C#, Delphi.NET, and managed C++. I often use it to convert from one language to another rather than hand coding a conversion. The decompile is by no means perfect, but it's close enough to be extremely useful.
4. It can generate some level of class diagrams.
5. VS 2005 Integration.

Quote:The last time i messed with obfuscation, though, a few years ago with Java, it was hard to set up and kind of irksome to deal with.

I would say that is much easier, but it can still be the case to some extent, depending on the obfuscation options you enable and what kind of item you're debugging. I think you could probably find a happy balance that gives you a good level of protection without making it too difficult to work with.

As far as the XBox toolset, we'll have to wait until that part is complete in XNA to see if it supports NGEN at all.

#9 Thanks for the tips. I'll check out Spices.NET

#10 John, would you like me to send you an obfuscated binary I built from the beta2 source?

#11 Thanks, but I probably don't need it right now. I still plan to look at Spices (before ship hopefully!)