.NET equals Efficiency - Page 9


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Page 9 of 11 FirstFirst ... 7891011 LastLast
Results 121 to 135 of 151

Thread: .NET equals Efficiency

  1. #121
    Rob Teixeira Guest

    Re: .NET equals Efficiency



    I understand this viewpoint perfectly.
    Which is why I've been saying all along that people need to take steps to
    protect their code (as much as possible anyway). In the response to Bill,
    I included one way of doing it with MSIL.

    I know you feel safer with native code, because in that model, you beat the
    odds. However, (and I'm trying to find the link now) there was a guy who
    cracked a VB app a while ago simply because he got pissed at the product
    support people (and disabled both their no-save and nag feature). He even
    posted how he did it on a web-site. And believe me when I say it was *trivial*!


    -Rob


    <dv> wrote:
    >Rob,
    >
    >Not to defend the PhD-izzy but there are big differences between the
    >real-world "security" of the assembly code and the IL. Now, both are not
    >secure but it is easier to "work" on the IL then on the assembly code. Let
    >me give you an real world example. Our company sells the VB application
    >already for little over 2 years and we do provide trial version download.
    >We've got some stuff in the code that shows the nag screen etc. but the

    main
    >thing is that trial version cannot be unlocked. So, for over 2 years nobody
    >has broken that, it is compiled as a native code application not the p-code.
    >Now, we released the .NET application, same trial version scheme and it
    >cannot be unlocked, and after couple of weeks the broken version where IL
    >code was modified and protection is removed is floating around.
    >
    >Now this would lead you to believe that assembly code is more "secure" and
    >based on our experience it really is. Both are not 100% but, the IL version
    >is hurting our bottom line more than the natively compiled code... That

    is
    >the difference.





  2. #122
    W.E.(Bill) Goodrich, PhD Guest

    Re: .NET equals Efficiency

    In article <3c7d0afb$1@10.1.10.29>,
    "Rob Teixeira" <RobTeixeira@@msn.com> writes:

    > "W.E.(Bill) Goodrich, PhD" <bgoodric@netzero.net> wrote:


    > >You are, with your all-or-nothing claims about security. You keep
    > >trying to claim that since something is not *absolutely* protected
    > >it therefore is "not secure".


    > Well, if you put in those terms, it isn't. Being secure is like being
    > a virgin - you are, or you aren't. If there's a way to get in, it's
    > not secure. Plain and simple.


    Do you ever bother to lock your front door? Why?
    Do you ever take the keys out of your car and lock it? Why?
    Do you avoid posting your credit card numbers and expiration dates to
    public areas of the internet? Why?

    You have gotten so lost in your desperate attempt to defend your
    beloved .NET that you have wandered off the edge of the world.

    In the real world:

    - locked doors are *more secure* than unlocked doors

    - locked doors with locked deadbolts are *more secure* than simple
    locked doors

    - locked and deadbolted armored doors with armored frames are *more
    secure* than locked and deadbolted hollow wooden doors in pinewood
    frames

    - An armored room with no windows and with locked, deadbolted armored
    door(s) and frame(s) is *more secure* than a wooden room with
    windows and wooden doors in wooden frames.

    .... and none of them is 100% "secure".

    By your reasoning, we shouldn't bother with locks or deadbolts since
    they do not make our homes *more secure* than they would be without
    them. And that is patent nonsense.

    > All you're whining about is how much obscurity it takes to make you
    > sleep better at night.


    You are the one whining - whining that we are being "unfair" to your
    beloved .NET by accurately pointing out that MSIL is less secure than
    native code. So you try to derail the issue with your "virginity"
    nonsense and your unsubstantiated claims of decompiling miracle tools.
    But the fact remains that native code compiles are *more secure* than
    MSIL in the real world. And modified native code .EXEs are *more
    secure* than unmodified native code .EXEs. No amount of your rhetorical
    games will change those facts.

    [...]

    > In summarization, you stated that .NET programs aren't suitable
    > for desktop/traditional/shrink-wrap/ [insert your lame word
    > of the day here]


    Another clear sign of your desperation.

    > programs, whereas other compilers are, because (one of the reasons
    > being) .NET produces IL and other compilers produce native binary Op
    > code.


    It is relevant to note a fact you are leaving out here. As part of the
    statement that MSIL is unsuitable for such applications, I pointed out
    the *trivial ease* with which MSIL can be converted back to a
    reasonable and useful facsimile of the original source code. And
    others here reiterated the earlier point that Micro$oft even *supplies*
    a tool for such decompilation, and that the feeble "lock" flag that
    Micro$oft provided for was trivially easy to circumvent.

    > When I stated that you can indeed get source code back from native
    > Op code,


    A statement that you have yet to substantiate. And that you made in
    feeble response to the above described statements about the trivial
    ease with which the MSIL can be decompiled. ANd your specific claim
    was that you could easily (with tools in your possession) get source
    code back from *my* native code distribution files.

    > you immediately interjected that


    .... SOME of ...

    > your particular code uses post-compilation hacks and tools to
    > deceive dissassemblers and decompilers


    Right. When I want my releases to be *even safer* than regular
    native code files.

    > - which means you don't trust your earlier assertion that native
    > code is safe,


    There you go again. My assertion was that native code is *safer* than
    MSIL - a fact that you keep trying to twist your way out of. The
    "hacks" as you call them merely provide an *additional* layer of
    security, making those files *even safer* than the unmodified native
    code.

    > and rely on further obscuring your code - only acknowledging what
    > I've been saying all along.


    Nonsense. My statements do nothing to support your preposterous all or
    nothing characterization of security. And your unsubstantiated claims
    to have found tools which can recover source code from VB6 native code
    compiles - specifically, from *my* VB6 native code - do nothing to
    answer the fact that Micro$oft itself supplies a tool for "recovering
    source code" from MSIL, and that hardly a week goes by without
    someone posting (on various Micro$oft related newsgroups and web pages)
    pointers to versions of that tool which circumvent the pathetic
    Micro$oft flag.

    If you have to rely on such pathetically transparent games in order to
    pretend that there is some validity to your position, is it really
    worth going through the motions of supporting that position? Do you
    really think you will sucker some clueless newbie into accepting your
    claims? Even your fellow .NET cheerleaders know better.

    --

    W.E. (Bill) Goodrich, PhD

    *-----------------------*--------------------------------------------*
    * CHANGE YOUR SEXUALITY * http://www.nyx.net/~bgoodric/ctg.html *
    * * *
    * Without Aversive * ctgcentral@earthlink.net *
    * Behavior Modification * Creative Technology Group *
    * or Drugs * PO Box 286 *
    * * Englewood, CO 80151-0286 *
    *-----------------------*--------------------------------------------*

  3. #123
    Phil Weber Guest

    Re: .NET equals Efficiency

    PhD: Are you a psychotherapist? Your Web site would seem to indicate that
    you are, but your arrogant and contentious online persona makes me wonder
    how effective you can be in a field based on cultivating trusting
    relationships with other people?

    Just curious...
    ---
    Phil Weber



  4. #124
    W.E.(Bill) Goodrich, PhD Guest

    Re: .NET equals Efficiency

    In article <3c7e8681$1@10.1.10.29>,
    "Phil Weber" <pweber@nospam.fawcette.com> writes:

    > PhD: Are you a psychotherapist?


    Why, are you looking for one? I am not accepting new clients at
    the moment, but if you list your specific symptoms I might be able to
    recommend someone in your area.

    > Your Web site would seem to indicate that you are, but your arrogant
    > and contentious online persona makes me wonder how effective you can
    > be in a field based on cultivating trusting relationships with other
    > people?


    Are you suggesting that I should treat you .NET cheerleaders as
    patients and offer you treatment over the internet? While a few of you
    come across as actively delusional, I seriously doubt that any of you
    qualify for that type of treatment.

    If you find your way into some of the professional Listservs, you will
    find that many of the psychotherapeutic community (psychotherapists,
    psychologists, CSWs, MFTs, psychiatrists, etc.) are quite contentious
    online. There is a difference between the appropriate professional
    demeanor when engaging in a Dr./patient or therapist/client
    interaction and the effective ways to engage in online debates and
    the like.

    But wouldn't you have declared such a question "off topic" if it had
    been posted by someone else? My training, education, and practice of
    psychotherapy is irrelevant to the issues surrounding VB.NET (other
    than as it relates to the aberrations of some of the pro-.NET camp).

    --

    W.E. (Bill) Goodrich, PhD

    *-----------------------*--------------------------------------------*
    * CHANGE YOUR SEXUALITY * http://www.nyx.net/~bgoodric/ctg.html *
    * * *
    * Without Aversive * ctgcentral@earthlink.net *
    * Behavior Modification * Creative Technology Group *
    * or Drugs * PO Box 286 *
    * * Englewood, CO 80151-0286 *
    *-----------------------*--------------------------------------------*

  5. #125
    Zane Thomas [.NET MVP] Guest

    Re: .NET equals Efficiency

    On Thu, 28 Feb 2002 13:17:39 -0700, "W.E.(Bill) Goodrich, PhD"
    <bgoodric@netzero.net> wrote:

    >> PhD: Are you a psychotherapist?

    >
    >Why, are you looking for one? I am not accepting new clients at
    >the moment


    Gave up trying eh? Guess that explains why you have so much time to write
    so many long and deceitful posts.


    --
    When freedom is outlawed
    only outlaws will be free.

  6. #126
    Zane Thomas [.NET MVP] Guest

    Re: .NET equals Efficiency

    On Thu, 28 Feb 2002 13:17:39 -0700, "W.E.(Bill) Goodrich, PhD"
    <bgoodric@netzero.net> wrote:

    >If you find your way into some of the professional Listservs, you will
    >find that many of the psychotherapeutic community (psychotherapists,
    >psychologists, CSWs, MFTs, psychiatrists, etc.) are quite contentious
    >online.


    A natural consequence of a "profession" so filled with frauds, puffed-up
    egotists, and those who have no theoretical underpinnings for their
    so-called disciplines.


    --
    When freedom is outlawed
    only outlaws will be free.

  7. #127
    Patrick Troughton Guest

    Re: .NET equals Efficiency


    "W.E.(Bill) Goodrich, PhD" <bgoodric@netzero.net> wrote:
    >
    >There is a difference between the appropriate professional
    >demeanor when engaging in a Dr./patient or therapist/client
    >interaction and the effective ways to engage in online debates and
    >the like.


    Are you implying that you you've been effective in this newsgroup?

    >My training, education, and practice of
    >psychotherapy is irrelevant to the issues surrounding VB.NET (other
    >than as it relates to the aberrations of some of the pro-.NET camp).


    If you believe your training and education (of psychotherapy) is "irrelevant
    to the issues surrounding VB.NET" then why do you list them on each and every
    post you make to this newsgroup? Not to mention the "CHANGE YOUR SEXUALITY"
    tagline? Do you ever bother *reading* you posts before posting them? Perhaps
    if you did, you wouldn't look like such an idiot so much of the time in this
    newsgroup.

    (Please excuse the word "idiot". I don't mean it as an insult. I just couldn't
    think of any other word that would accurately describe you without losing
    meaning.)

    /Pat

  8. #128
    Robert Lantry Guest

    Re: .NET equals Efficiency


    "Patrick Troughton" <Patrick@Troughton.com> wrote:
    >
    >"W.E.(Bill) Goodrich, PhD" <bgoodric@netzero.net> wrote:
    >>

    >(Please excuse the word "idiot". I don't mean it as an insult. I just couldn't
    >think of any other word that would accurately describe you without losing
    >meaning.)
    >
    >/Pat


    erm...meaning, he's an idiot?



  9. #129
    Phil Weber Guest

    Re: .NET equals Efficiency

    > Why, are you looking for one?

    PhD: As a matter of fact, I am. After having encountered you, I'm concerned
    that I may end up with a therapist who pretends to be empathetic and
    non-judgmental in my presence, but who is in fact self-important and in love
    with the sound of his own voice.

    > Are you suggesting that I should treat you .NET cheerleaders
    > as patients...?


    I'm suggesting that if you behave with clients in a way that's apparently
    the opposite of your true personality, that's duplicitous, and would seem to
    me to undermine trust. Aren't you concerned that your clients might see some
    of your online exchanges? Wouldn't it be detrimental to their therapy if
    they feel you're being less than honest with them?

    > But wouldn't you have declared such a question "off topic"
    > if it had been posted by someone else?


    You're right, I probably would eventually have asked that this conversation
    be taken to the off.ramp (you'll note, however, that I've said nothing about
    the recent Stephen King or Peoria, IL exchanges, so no, I don't immediately
    object to any off-topic post). I'll set this post's followup-to header to
    that group, and look for your reply there.
    ---
    Phil Weber



  10. #130
    Rob Teixeira Guest

    Re: .NET equals Efficiency


    "W.E.(Bill) Goodrich, PhD" <bgoodric@netzero.net> wrote:
    >
    >You have gotten so lost in your desperate attempt to defend your
    >beloved .NET that you have wandered off the edge of the world.


    First of all Bill, in your desperate attempt to denegrate .NET in favor of
    VB6 and to make yourself out to be an authority on all things computing,
    you are ignoring the meaningful discussion behind the topics here, instead
    wandering off into your simplistic assignments and categorizations. My "beloved
    .NET"? What the **** is that all about? It's a tool, just like VB6 was. If
    i was truly in the simplistic "cheerleading" categorization you love to use,
    I'd be telling you there's no problem at all, which I clearly am not.

    >By your reasoning, we shouldn't bother with locks or deadbolts since
    >they do not make our homes *more secure* than they would be without
    >them. And that is patent nonsense.


    I see logic isn't one of the courses necessary for a PhD in your field.
    If this is what you took out of the whole discussion, and is your conclusion,
    you are way off base.
    The point is that all code is vulnerable, and you need to invest in "locks"
    if security is a concern to you. This applies to native Op code and MSIL
    and Java bytecode.

    More about the BS you state conserning the inability to MSIL more secure
    later later...

    >You are the one whining - whining that we are being "unfair" to your
    >beloved .NET by accurately pointing out that MSIL is less secure than
    >native code.


    Actually, I made a two sentance statement. You replied with a long list of
    whining. Plus, I never said anything about "unfair". I'm laying out a number
    of issues people need to look at. You on the other hand, are getting defensive
    that somebody isn't jiving completely with your point of view.

    >But the fact remains that native code compiles are *more secure* than
    >MSIL in the real world. And modified native code .EXEs are *more
    >secure* than unmodified native code .EXEs. No amount of your rhetorical


    >games will change those facts.


    Fine. Then by that standard, modified MSIL assemblies are *more secure* than
    non-modified assemblies. And encrypted assemblies, which can't even be identified
    as PE binaries, are *more secure* than native Op code binaries. I even showed
    you how to do that, and you totally ignored the fact that I can demonstrate
    how to make the IL assembly completely unreadable to any of the decompilation
    tools you are talking about.

    >Another clear sign of your desperation.


    Look in the mirror sometime.

    >It is relevant to note a fact you are leaving out here. As part of the
    >statement that MSIL is unsuitable for such applications, I pointed out
    >the *trivial ease* with which MSIL can be converted back to a
    >reasonable and useful facsimile of the original source code.


    And again, you are leaving out the fact that I showed you how to defeat that
    conversion with *trivial ease*. So you *can* make MSIL "more secure" with
    simple measures - which blows your argument completely out of the water.
    You keep ignoring that.

    >And others here reiterated the earlier point that Micro$oft even *supplies*


    >a tool for such decompilation, and that the feeble "lock" flag that
    >Micro$oft provided for was trivially easy to circumvent.


    I guess in your "desperate attempt" (is that what you called it?) to defend
    your position, you are ignoring the fact that I mentioned there are several
    ways to make MSIL more obscure, and none of them included the "lock" flag
    - the "/owner" switch BTW, in case you were wondering what it's really called.
    And if people are posting all the time about how to get around it, they are
    lemmings, because the /owner switch isn't a "lock" on the assembly, it is
    a flag that prevents the ILDASM tool from displaying the disassembly of the
    IL.

    >If you have to rely on such pathetically transparent games in order to
    >pretend that there is some validity to your position, is it really
    >worth going through the motions of supporting that position?


    Same question I asked you earlier.

    >Do you
    >really think you will sucker some clueless newbie into accepting your
    >claims? Even your fellow .NET cheerleaders know better.


    Interesting how easy it is to push your buttons
    Also interesting on how you insist on drawing sides, and delegating people
    to those categorizations. You don't see me associating you with some childish
    group categorization - and if such categorizations were appropriate, i certainly
    wouldn't call you one of the .NOT, if only to avoid insulting the intelligent
    people who happen to not like .NET.

    Bill, you're arguing like a little spoiled kid. All that needed to be said
    has been said. Stop wasting everyone's time and bandwidth. Can't stand not
    being the last word though, right? Be my guest.

    -Rob

  11. #131
    Zane Thomas [.NET MVP] Guest

    Re: .NET equals Efficiency

    On Thu, 28 Feb 2002 21:50:22 -0600, "Michael D. Kersey"
    <mdkersey@hal-pc.org> wrote:

    >Thank you for pointing that out!
    >*PLONK*
    >The signal-to-noise ratio of this newsgroup makes yet another dramatic
    >increase!


    ROFL!!!


    --
    When freedom is outlawed
    only outlaws will be free.

  12. #132
    Kathleen Dollard Guest

    Re: .NET equals Efficiency

    Bill,

    > But wouldn't you have declared such a question "off topic" if it had
    > been posted by someone else? My training, education, and practice of
    > psychotherapy is irrelevant to the issues surrounding VB.NET (other
    > than as it relates to the aberrations of some of the pro-.NET camp).


    I agree, it is annoying that you continue to waste bandwidth on an
    advertisement in your sig that is irrelevant to all and offensive to some.
    That you insist on a focus on your irrelevant endeavours says a great deal
    aobut you.

    Kathleen



  13. #133
    Mike Mitchell Guest

    Re: .NET equals Efficiency

    On Fri, 1 Mar 2002 07:37:24 -0700, "Kathleen Dollard"
    <kathleen@mvps.org> wrote:

    >I agree, it is annoying that you continue to waste bandwidth on an
    >advertisement in your sig that is irrelevant to all and offensive to some.
    >That you insist on a focus on your irrelevant endeavours says a great deal
    >aobut you.


    I think you are unfairly attacking the messenger because his message
    doesn't accord with the .Net evangelism which is rife in this ng. This
    seems to be a pronounced symptom of .Net zealotry, which no one can
    fail to notice. It's almost as if you're all afraid of criticism!

    MM

  14. #134
    Patrick Troughton Guest

    Re: .NET equals Efficiency


    kylix_is@yahoo.co.uk (Mike Mitchell) wrote:
    >
    >
    >I think you are unfairly attacking the messenger because his message
    >doesn't accord with the .Net evangelism which is rife in this ng.


    Are you honestly saying you fail to see the inherent contradiction in his
    post? I'll spell it out if you need me to.

    >This
    >seems to be a pronounced symptom of .Net zealotry, which no one can
    >fail to notice. It's almost as if you're all afraid of criticism!


    No one's afraid of *valid* criticism, Mike. No one's afraid of invalid criticism
    either, but don't be surprised when it gets shot down. Stick to the facts.
    Stick to the things you can back up and you'll do alright. What gets you
    and others in trouble is when you make wild assertions and can't back them
    up.

    /Pat

  15. #135
    Jacob Grass Guest

    Re: .NET equals Efficiency

    > I think you are unfairly attacking the messenger because his message
    > doesn't accord with the .Net evangelism which is rife in this ng. This
    > seems to be a pronounced symptom of .Net zealotry, which no one can
    > fail to notice. It's almost as if you're all afraid of criticism!


    Wow, Mike, you are so right. . . Dr. Bill is the VB Messiah. I'd probably
    be kissing his *** too if both your heads weren't in the way. . .

    Jacob




Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center