I have a Windows Store App, currently obfuscated with Dotfuscator. As of right now, we are not including the public debug symbols in the release package, for fear that they can be used to undermine the obfuscation and possibly assist in reverse engineering/disassembling our application. Unfortunately, this makes it difficult to deal with crash dumps that MSFT provides us.
Is this fear warranted? Should we be including the debug symbols? What are the implications of leaving the debug symbols in?
I've attempted to use the unobfuscated public symbols with the crash dumps, but they do not load in Windbg or the Visual Studio Debugger. I assume because Dotfuscator rebuilds the application.
Is there a way to make Dotfuscator create debug symbols for us to use, and separate those out?
From what I can tell, Dotfuscator's GUI does have an option to "Emit Debugging Symbols":
To my knowledge, the Community Edition of Dotfuscator does not have this functionality, at the least, I could not find it within browsing the options it provides. This seems to be confirmed by the Community Additions of the Visual Studio 2005 article on Dotfuscator.