Protect the source code on delivery to client

Question

I've recently learnt that the company that will handle the installation of one of our core products have previously tried to reverse engineer suppliers' work in evil purposes. Due to this I want to learn more about how to protect our work and so far I have thought of the following:

1) Obviously to use an obfuscator. Question is which one.

2) Encrypt config files as much as possible (especially endpoint information).

3) Move as much of the logic as possible to the web service.

4) Use SSL for data transfers.

The project is written in C#/WPF and connects to a set of web services hosted on a IIS 7. We package our deliveries with WIX, does WIX have anything to provide?

I understand that in the end all binaries can be hacked and that as a minor company we should probably concentrate on writing code instead of protecting it. But these minor steps will at lease make it harder. What else can be done? Does the community have any more advices regarding this? Links to internal/external resources would be much appreciated.

Answer 1

Here are your options:

• Don't give them the program, they've already abused their power
• Have them enter into a license agreement wherein:
  • They can reverse engineer the program or even see the source code within the confines defined by your legal team
  • They can't do anything without inviting a world of legal hurt
• Release the code as open source. You'd be surprised, if the "forbidden fruit" isn't forbidden they may just get bored and leave it alone.
• Move the proprietary computation to your own servers, essentially making your program into a thin client.
• Reverse engineer some of their tools. Enter into a cold-war of sorts.
• Stock up on patents, and when you see your own code out in the wild sue the company into oblivion for violating your patent.
• Pay the mob to run your "friends" out of town
• Send them a basket of muffins with a note that says "PlZ st0p wit teh H4x"
• Dress up as the ghost of professional integrity, visit each of the employees in their homes and teach them lessons about ethics and morality.
• Buy out the company, fire all of the employees.

Answer 2

As much an agreement with @Chris as anything.

Hire an attorney and draw up the appropriate license terms.

Every so often contact the offending company and ask if they have something similar to your software for sale. In the event they say yes, get a demo. If it bears any resemblence to yours, sue them into oblivion. One of the early stages in a lawsuit of this type is discovery. At which point you'll know whether they copied your code or not.

Presto, problem solved.

Point is, the only real solution is to use the legal system.