The version of Dotfuscator that ships with Visual Studio 2010 can’t be added to an automatic build script because it requires user interaction to perform a build. The commercial version of Dotfuscator has both an MSBuild task and a command line option for build automation, but purchasing a commercial license for a pure open source project is normally not an option. At the request of the community, we are making two options available to help alleviate this issue.

The first option, available to anyone who has Visual Studio 2010 Professional or higher, is to register for and download a patch to upgrade the installed version of Dotfuscator CE to version 5.0.2601. This version of Dotfuscator includes a command line interface and removes the restrictions that block automation. It does not require any user action to start a build, nor does it require Visual Studio to be running. The instrumentation abilities are identical to the previous versions: up to 10 named features with none of the advanced functionality from the commercial version (custom data gathered at runtime, detailed system and performance data, unique serial numbers, custom tamper and expiration behavior). To download this patch, you will need to create an account here . Go to My Account and the patch will be available in the Downloads section. After you install the patch, you will have a new DotfuscatorCLI.exe application in your Dotfuscator CE installation directory which you can use to automate builds. The command line is similar to the commercial version of Dotfuscator and is documented in the Command Line Interface reference in the online documentation .

The second option is that open source projects hosted on CodePlex can use the commercial version of Dotfuscator to instrument the application. Any project administrator can request a PreEmptive Open Source Project License here and receive the full version of Dotfuscator to use as the Runtime Intelligence code injection tool for their project. The project will then have access to the full range of instrumentation features available to commercial users including custom data gathered at runtime, support for occasionally connected clients, easy integration for Silverlight XAP and ClickOnce packages and ongoing enhancements as we release new commercial versions of Dotfuscator. Additionally, the project will be able to use the MSBuild task or the command line to easily integrate into their automated build environment.

With these options, developers are now better able to get accurate and actionable feedback on how their applications are really being used and can tighten the feedback look between themselves and their users. Better information on usability and functionality will lead to improved applications, and now it’s easier than ever to get that data.

Similar to WPF applications prior to 4.7.1000, until 4.8.1000 Silverlight applications required that identifiers in XAML be excluded.  This left a great deal of Silverlight code unobfuscated.  Compare the two Silverlight applications below, one obfuscated prior to 4.8.1000 and one obfuscated today:

In addition to dramatically increasing the protection of Silverlight applications, we also improved the speed at which we obfuscate .NET 4.0 assemblies and other various bug fixes.  As always, check the change log for full details.

Before	After

In addition to WPF obfuscation Dotfuscator 4.7.1000 also includes support for resigning Silverlight 4 XAP packages and updated support for integrating with InishTech SLPS.

There are two functional changes for this release, the first is that for new projects Library mode is now the default for all assemblies and packages.  This improves the out of the box experience but with the trade off of not renaming any publicly accessible types and public members of those types.  For applications that require the maximum amount of protection PreEmpitve recommends turning off library mode wherever possible.  A second functional change is tamper notifications are turned off by default.  Using tamper detection and defense does not require the sending of tamper notifications and this change makes it easier to test tamper detection with minimal configuration overhead.

Additional changes include support for the .NET 4.0 extensions to ClickOnce applications, support for ClickOnce packages that include native assemblies, and bug fixes.  See the change log for full details.

Keep tuned to this blog, we have many more exciting announcements coming soon.

Projects hosted on CodePlex can use either the free version of Dotfuscator (included in Visual Studio 2010) or the commercial edition to inject application analytics features into their binary distributions.  The application analytics automatically tracks how many times is run in the wild and the duration of those runs. This provides a measurement of application popularity beyond counting the number of downloads.  Basic system profile information, such as which operating systems and framework versions the application are run under, is gathered and reported on as well.  Additionally, feature usage within the application can be measured including the number of executions as well as their duration.  Total application runs per day statistics are available on the projects statistics page on CodePlex and detailed usage data is available from a link on the statistics page.

With the understanding that there can be privacy concerns, Runtime Intelligence instrumentation transmits no personally identifiable information.  It is also very easy to surface the built in Opt-In/Opt-Out functionality in the library and give individual application users the choice to participate in the program.

The individual usage data is aggregated and daily application usage is viewable on the projects statistics page as well as links to detailed reports of application and feature usage.

Instrumentation of applications compiled against .NET 2.0 and higher (including Silverlight 2, 3, and 4) is supported by Dotfuscator Community Edition.

Projects that use custom attributes to decorate their injection points are permitted to redistribute the PreEmptive.Attributes.dll library as part of their source code.  The library is only necessary for compilation of the application and references to it are stripped out during the instrumentation process, so it does not need to be included in binary distributions.  A signed downlevel version of the attributes library is available on the CodePlex Runtime Intelligence Integration project page (http://runtimeintelligence.codeplex.com/releases ) that can be used in any project targeting .NET 2.0 or higher.  This library is also allowed to be generally distributed with project source code.

Any project hosted on CodePlex can now take advantage of the deep knowledge into user activity that Runtime Intelligence Services provides by reviewing a sample walkthrough here and implementing this new feature into a future release.

I was invited to act as part of PreEmptive’s delegation to the launch event and humbled to speak with so many passionate developers, architects, DBAs, and yes – even managers. What I did not initially expect was the overwhelmingly positive response from nearly everyone we talked with. Most people had never heard of application analytics. But, with a brief introduction everyone quickly understood the idea and many offered up scenarios where they would want to use it for their applications (completely unsolicited, I might add). It was thrilling to receive such a positive response to something I - and the other fantastic developers here at PreEmptive - have worked very hard over the past few years to create.

I very much encourage the great folks I met in Las Vegas last week, along with millions of passionate developers across the globe, to open up Dotfuscator CE and try out the free analytics we’ve included. Today, most web developers wouldn’t think of publishing a web site without including web analytics. I hope that having these analytics included with Visual Studio 2010 will lead to application developers thinking the same way about their applications. Of course, using the two together in a Silverlight or ASP.NET application to get a complete view of the visitor’s experience is a natural fit. But application analytics extends far beyond that. Now, all .NET developers are able to get live information that can help steer development focus, even in areas that were previously completely opaque – from cloud apps running on Windows Azure to mobile phone applications on Windows Phone 7 and even to applications running on Linux and Mac with Mono.

In fact, I look forward to seeing how application analytics will be used to support open source development throughout the .NET ecosystem. Because open source developers essentially donate their spare time, being able to focus their efforts in places that have the most user impact is crucial. An open source development model also allows far greater flexibility for developers to immediately shift their focus to match what their users are actually doing with the software they produce, without the constraints of rigid development and deployment practices. Because of these factors, I specifically encourage maintainers of open source projects to try the free application analytics provided in Dotfuscator CE. Together with the bug reports and feature requests you already have, you will be able to truly make the most of the precious time that your contributors give.

Some might say that it’s counterintuitive for a company known for source code obfuscation to support open source development, but at PreEmptive our guiding principle is simply “help software succeed”. With application analytics, we have the opportunity to extend our dedication to this principle beyond proprietary software. In the past few months, we’ve released numerous projects on CodePlex including some awesome editor extensions that integrate application analytics right into the Visual Studio 2010 IDE, an endpoint starter kit so you can write your own backend to receive and process Runtime Intelligence messages, a data visualizer sample to demonstrate how to consume analytics data using our RESTful analytics API, and an API helper library to make using our API even easier. And our new partnership with CodePlex, which will provide free application analytics for hosted projects surfaced right within each project’s page, provides us yet another great opportunity to help software succeed.

In addition to supporting the latest and greatest frameworks for both obfuscation and instrumentation, this release also includes a new feature that has a top spot in our customer request list.  Up until now applications instrumented with Runtime Intelligence were unable to react to scenarios where your customers have only occasional network access so some of the application analytics data was not gathered.  By default, any applications instrumented with Dotfuscator 4.6.5000 or higher will store usage data in Isolated Storage when the application cannot send data to the configured Runtime Intelligence endpoint.  When connectivity to the endpoint is restored all the saved usage data is sent to the endpoint for storage and reporting.  In the event that the Runtime Intelligence endpoint is not accessible for an extended period of time, or that the application is used so heavily that the allocated space is filled, the injected code will remove older unsent usage data to make room for newer data.  You also have the option to revert to the previous behavior of dropping usage data when the network is inaccessible by simply changing the setting for the offline behavior as well as writing your own custom network detection code.  Additionally, you can set up your application to react to changes in connectivity either with a default implementation of shutting down the application when connectivity is lost or by having the injected code set the value of a field or property, or invoke a method of your choosing.

We also improved our support of ClickOnce application processing and fixed some bugs.  As always, changes are detailed on our change log .

There are many more changes coming to Dotfuscator, DashO and Runtime Intelligence in the near future.  Keep tuned for more exciting news as it unfurls.

One of the items being announced today by Microsoft at MIX is the SilverLight Analytics Framework. The Silverlight Analytics Framework will let designers and developers visually build analytics into their Silverlight applications using Microsoft’s Expression Blend.

Now, most readers of my blog already know that Developers can already inject Runtime Intelligence analytics into Silverlight (and any other managed code) using Dotfuscator inside Visual Studio. I am excited about this new framework because it offers an entirely new way to configure runtime intelligence (using Expression Blend) and that means a whole new community of users also have access to analytics for the very first time. This is also being echoed by Michael Scherotter, principal architect evangelist at Microsoft Corp. and architect of the analytics framework. He writes that we have “successfully used the Silverlight Analytics Framework to open its application instrumentation to a new audience of designers.”

Runtime Intelligence offers the following advantages over traditional Web analytics services:

· The analytics endpoint (and the resulting data) can be self-hosted and managed by the application provider (you don’t have to send your data to a third party – but that option is also available too).

· While the resulting Web analytics maps to the Silverlight Analytics Framework data model, the underlying SOAP schema is shared with Dotfuscator’s instrumentation.

The common schema allows Dotfuscator to provide a complimentary instrumentation mechanism for any .NET Framework component. THIS means that

· Middle and back-office application tiers can be instrumented providing a deeper view across distributed application workflows.

· Older or alternative applications using WPF or some other non-Silverlight form factors can be benchmarked against the newer Silverlight applications to track both user behaviors and application usage.

The world of application analytics is about to take a big step forward. In fact I believe that one day in the not too distant future application analytics will be as common as web analytics is today and the distinction will eventually disappear.

What decisions could you make to better serve your customers, to reduce your costs, and improve your products if you had ready access to usage data streamed to you from the wild?

Tell me what you would do - I would love to hear from you.

Online viewers of the Vancouver Olympics on NBCOlympics.com are using Silverlight based video and photo viewers delivering full HD quality content for viewers and helping content owners monetize their content. I am pleased to say that Dotfuscator had a hand in all of this innovation providing both protection and optimization for the high performing video player at the heart the NBC online Olympic experience.

For an overall description of the Silverlight solution, see: http://team.silverlight.net/events/let-the-games-begin/

For Microsoft’s own description of the role of partners (including us of course), see: http://team.silverlight.net/customer-evidence/vancouver-olympics-ndash-how-rsquo-d-we-do-that/

The development teams especially appreciated the fact that Dotfuscator can accept and output XAP files (instead of low level DLLs that force developers to manually edit XAP files).  This shortens and simplifies the release process – and was critical for an event like the Olympics.

On an unrelated Silverlight note, I was pleased to see David Kelly’s recent blog entry . This Silverlight MVP has identified Dotfuscator’s Silverlight analytics as “a critical tool in your tool Silverlight toolbox.” Good Stuff.

We’re familiar with big software vendors including Customer Experience Improvement Program (CEIP) features in their applications allowing them to gather anonymous usage data showing which features people are actually using. Analyzing that data allows them to focus their development efforts on what their users are actually doing, as well as obtaining hard measurements of how features are actually adopted in the wild. As someone whose paycheck depends on meeting the users’ requirements I really like to know how much of my time is being spent developing stuff that people actually want and use. Unfortunately, I don’t have the huge number of person-years and dollars to spend on something that is not directly related to my core application functionality to get a CEIP into my products.

Instrumenting an application to send its usage data back to the free Runtime Intelligence portal hosted by PreEmptive is covered in some previous blog posts (here and here ), but today I am covering a slightly different scenario. While there are great analytics capabilities in the hosted portal, my current needs are only basic usage tracking and that I must store the data at my own facility. As is normally the case in proof-of-concept situations, I have no budget, no time, and am highly visible to non-technical decision makers.

The first problem, no budget, is easily solved by using freely available tools. First, I am going to use Dotfuscator Community Edition 5.0, included in my copy of Visual Studio 2010, to perform injection of the application analytics functionality into my binaries. Since I need to store the usage data at my location I can’t use the hosted free endpoint and reporting portal, but I can use the new open source (Ms-RL license) Runtime Intelligence Endpoint Starter Kit (RI Starter Kit) to build my own application usage listener service, data repository, and basic reports.

The fact that I have no time to implement this is also solved by my selection of tools. Since this is a proof-of-concept, I don’t need to create any extra code to obtain the users opt-in consent for tracking application usage. This means I can leverage Dotfuscator’s post compilation code injection model, similar to IL Weaving in Aspect Orientated Programming, to inject usage tracking directly into my test application binary without changing any source code or recompiling. In a matter of minutes I navigate through my applications structure and define the injection points from within the Dotfuscator user interface. To create a database using either SQL Express 2005 or higher or MySQL 5 or higher only takes a few minutes. Finally, setting up the WCF service project only requires updating the connection string in the web.config. Using the outstanding documentation included in the RI Starter Kit as my guide in less than an 30 minutes I have a proof of concept for tracking how often my application is run and which features the users are actually using.

Finally, I have to show something useful to the non-technical users. I know that application analytics data is being sent to my endpoint and stored in the database. I can easily run a few queries to get a feel for how the application is being used but not everyone is as comfortable with SQL as I am. As I review the source code included in the RI Starter Kit I see that there is also a SQL Server Reporting Services solution that contains two prewritten reports that show application and feature usage over time. A quick update of the data source, a deploy to the SSRS server, and now the business users have an easy way of seeing what our users like best about our products. To add application analytics data to executive dashboards, there’s also a SharePoint Web Part included so you can easily put an application usage graph directly into any SharePoint site (WSS 3.0 / MOSS 2007 or higher).

All in all, I have spent around an hour and no money adding basic application usage tracking and analysis to an existing product and exposed that data to both technical and non-technical users. With only a small amount of code, I easily add an opt-in dialog to my product so my users can choose to send their usage data for analysis.  Now I have the start of my very own Customer Experience Improvement Program.

PreEmptive is always looking for feedback on our products, please take this new solution for a spin and leave us comments, feature requests and ideas on the project’s Codeplex page.