Dotfuscator is a .NET obfuscator designed to help developers harden their apps and protect their managed code from reverse engineering and tampering. A community edition of the tooling has been a well-known component in Visual Studio since VS 2003. The new Dotfuscator Software Services in VS 2010 builds on the obfuscation by enabling tamper alerts, expiration activation, opt-in/opt-out logic and app instrumentation with the community edition of PreEmptive's Runtime Intelligence Service for .NET, first released in 2007.
Runtime Intelligence is a post-compile code injection technology that enables developers to monitor app usage by putting custom attributes into their source code, or selecting Instrumentation in the Dotfuscator user interface and defining entry and exit points using extended attributes. After the app is compiled, logic code is injected into the decorated methods to track usage data and session-level information. The runtime data is streamed via XML-based SOAP messages to an HTTP endpoint--an arbitrary URI or an RIS portal with basic dashboard and reporting features. The commercial version of the Runtime Intelligence Service is a multitenant repository, available as a hosted service or custom installation.
"The community edition does not come with a repository," said Sebastian Holst, chief marketing officer at PreEmptive Solutions. "You have to catch those signals yourself and do something with them."
The Runtime Intelligence Endpoint Starter Kit is an open source reference project for building a repository based on SQL Server Express 2005, MySQL 5.0 or later versions. Along with sample code and reference materials, it includes Dotfuscator CE to inject instrumentation into a sample application, a schema to store the SOAP packets in a repository and an example of a simple SharePoint Web Part to publish that data. The source code is licensed under Ms-RL. It requires .NET 3.5 (for the SharePoint Web Part) and Visual Studio 2010 Beta 1, or later versions. The Endpoint Starter Kit can also be used with the Java version of PreEmptive's obfuscation technology, DashO.
An earlier CodePlex project features the source code from a VS 2010 editor extension, presented by PreEmptive Solutions at Microsoft's Professional Developer Conference in November. The VS extension integrates Runtime Intelligence data to show gaps between code coverage, tests and usage data. It takes advantage of custom margins, inline adornments and other new code editor functionality.
The Dotfuscator Software Services Community Edition is available in all but the Express versions of VS 2010. It is also part of all of the Visual Studio test builds. The app instrumentation can be used with assemblies in all versions of .NET, the Compact framework, Silverlight XAP files, WPF, WinForms, WCF and Azure WebRoles.
"What is important about this approach is that because it is inside of Dotfuscator, a post-compile utility, things can be applied to anything that has ever been written," said Holst. "We are working with organizations that are refactoring to take advantage of Silverlight. They can inject the analytics into the legacy app as well as the new app to compare from a functional perspective how users are doing the same things but inside of new code."
What’s Next For ‘Hurt Locker’ Director Kathryn Bigelow?Red Gate Launches .NET Reflector Pro, Updates Community Edition