Submit My Question - Recent Questions - Recent Answer
java >> Core >> Core APIs

How to save my Java Code from Decompiling....

hello everybody hope its the right plca to submit sucha s question can anyone tell me how can i protect my java source code i.e ( .class) files from decompiling softwares............thanx in advance pleaseeeeeeeeeeeee !!!11111
[233 byte] By [javafarmera] at [2007-9-19]
«« JMS message to Topic from C++
»» [Swing]Problem in JTable
# 1

You can't really prevent your code from being decompiled. The only thing you can do is code obfuscation. Those obfuscators try to make it hard for decompilers to translate the control flow into readable Java control structures. They also substitute the names of classes, their members and local identifiers by simple numbers or the like in order to disguise semantic hints. Name mangling is, however, a problem for interoperability as soon as class names or their public members are included. These obfuscators are fairly effective but no guarantee that no one might figure out your code. And is it really so crapy that you need to hide it ;-)

http://www.jguru.com/faq/view.jsp?EID=3820

http://www.zelix.com/

http://www.codingart.com/codeshield.html

thpreussera at 2007-7-8 > top of java,Core,Core APIs...
# 2

You could encrypt your resulting class files. Then you would have to create a class loader which could decrypt the class files in question. You would have to ensure that all of your classes are loaded by your class loader; simple enough to do. Now, the hard part is the encryption, choosing an encryption algorithm, and, assuming that you are not using reversible encryption, then you would have to find a way to hide the decryption key or safe guard it somehow.

Personally, I do not like the obfuscator path only because, and this is especially so when deployment time comes, it can be harder to detect a problem in the software due to the nature of the obfusication process...

cpolizzia at 2007-7-8 > top of java,Core,Core APIs...
# 3
... and then you ship your application with this personalized ClassLoader, which cannot be encrypted. How do you then prevent people from decompiling this ClassLoader to get the very code for decryption?
thpreussera at 2007-7-8 > top of java,Core,Core APIs...
# 4

> How do you then prevent people from decompiling this ClassLoader to get the very code for

> decryption?

As I pointed out earlier, therein lies the problem.

There are techniques, some are better than others, but there simply is no such thing as code or data that is truly 100% secure. Oh sure, you achieve 100% security, but at the cost of reducing the usefulness of the product. Some of the techniques that exist out there today come very close...

About the next best thing I can think of is to implement the actual decryption in C - again, not a 100% solution, but it does make reverse engineering techniques more difficult. Any piece of code can be reverse engineered.

Perhaps if and when PKI becomes ubiquitous, and that is a very big if, maybe then we can achieve better measures of security to daunt reverse engineering techniques.

cpolizzia at 2007-7-8 > top of java,Core,Core APIs...
# 5
There is no way to protect your code from reverse engineering.If you are really that concerned about it, give it legal protection via copyright, or don't give it to anybody that you don't trust.
daneya at 2007-7-8 > top of java,Core,Core APIs...
Core APIs

Core Hot Topic

Core

Site Classified