Hi, Is there anyway in java by which I can prevent people from viewing the source code(by decompiling) of a tool created using java(a jar file). Anand
Joined: Dec 17, 2003
Let me put the question again properly : Java bytecodes could be easily decompiled and hence lots of work done on the code is there for every body to see. Is there any way by which we can prevent this either directly or indirectly??? Thanks in advance. Anand
There are some tools out there which claim to garble the bytecode in such ways that the JVM can still use it but decompilers cannot. I've never tried them so can't tell you their effectiveness. The first thing to do is turn off debugging info in your release build using the -g:none option of javac.
jarsafe is a good tool .It converts all class files in a jar into .jarsafe files after encrytping them...i used it and it weas effective. but now jarsafe is not found online. Can anyone tell me where i can get jarsafe..even its trail verison? its old site was http://jarsafe.com
Author of JPhotoBrush Pro (www.jphotobrushpro.com)
No, it is impossible and all attampts to claim otherwise are false. If you allow your program to run, then it must be decrypted during or before that time. Thus, whoever can run your program can see the class files for it and can decompile them. Any real solution must involve DRM.
[CLG]: No, it is impossible and all attempts to claim otherwise are false. Well, it's always going to be possible to recover JVM bytecodes from the jar file. But with good bytecode obfuscation it can be difficult to recover a human-readable version of the source code. At the very least, you can replace all your helpful variable and method names with names lie a, b, c(), d(), etc. I haven't kept up with the state of the art in obfuscation, so I don't know just what else is possible, and how good decompilers have grown in response. It will probably always be possible for others to reverse engineer your work if they're determined enough - but at least, you can make them work for it.
When you're searching around for such a tool, the keyword to use is "obfuscator" or "Java code obfuscator", since such tools are called obfuscators. [ I swear Jim's post wasn't here a minute ago. ] [ January 09, 2004: Message edited by: Dirk Schreckmann ]