It's called C++.

I've never shipped software to the end user directly, therefore I've never had a need to do any obfuscation.

I'm not currently doing it but would also like to know the answers to these questions.

I've never released anything to the world that wouldn't be "open", but I plan to. So how much of an IP protector is it?

I've used obfuscation before - on two separate occasions. We used the one built into Visual Studio.NET 2003, and it worked for what we wanted it to do. We only wanted to hide a few pieces of data, and it did that just fine for us. Last I checked, Reflector couldn't display the data, so we were happy!

For background, I own a company called Tourney Logic (http://www.tourneylogic.com" rel="nofollow">http://www.tourneylogic.com">http://www.tourneylogic.com" rel="nofollow">http://www.tourneylogic.com), and we have two products, both requiring registration, so we obfuscated the registration code.

The process to do it isn't exactly simple, especially with a product where you need to expose an API - you have to actively go in and exclude the interfaces you don't want obfuscated. And, this is maintained in a separate XML file, so you have to remember to edit that file any time you add a new interface. The one nice thing is that if all of your interfaces are in one namespace, you can exlcude whole namespaces.

The other gotcha has to do with web applications. You have to remember to not obfuscate the name of the code-behind classes and methods - the names of those classes are coded into the .aspx file, so if the name is obfuscated, things break. And again, those exclusions are stored in a different XML file, so adding new pages means you need to revisit your obfuscation.

Overall, though, it's not too bad once you get it set up. We have it as part of our automated build process, so while tedious, it's do-able and can be automated.