Using RedGate’s Reflector, you may easily get the full source for an application. But to reduce the chances of an algorithm being found out, there are obfuscators to reduce this likelihood.
My questions are:
- How effective are obfuscators?
- What is safer in terms of hiding your algorithms: C++ without .NET libraries or obfuscated .NET programs.
- Are there any others way to make .NET source code even more secure?
If you definitely want to secure something, go for C++, as in the .NET World there is a powerful deobfuscator named de4dot (see here: https://github.com/0xd4d/de4dot) that deobfuscates what most obfuscators on the market produce, event the ones it does not explicitely know.
However, this will only raise the bar, as even in the c++ world, there are powerful tools also (IDA: http://www.hex-rays.com/products/ida/index.shtml).
There are other solutions, like mixed code assemblies where you can have the part you want to hide in native code and the rest in managed. see here for more: Mixed (Native and Managed) Assemblies