To my mind theres one more point which has to be taken into account: .NET.
If the trend continues as m$ might want it, protection developers will have to come with ideas for that one or they won't earn any $$$. afaik there are only a few methods for obfuscation and no real method for protecting against decompiling (because of generic dumpers). But tbh I think (like Shub-Nigurrath and many others) VMs really are the future -as well for the .NET-.