Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Protecting the java source code

 
Anand Sidharth
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Is there anyway in java by which I can prevent people from viewing the source code(by decompiling) of a tool created using java(a jar file).
Anand
 
Anand Sidharth
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let me put the question again properly
:
Java bytecodes could be easily decompiled and hence lots of work done on the code is there for every body to see.
Is there any way by which we can prevent this either directly or indirectly???
Thanks in advance.
Anand
 
Jeroen Wenting
Ranch Hand
Posts: 5093
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are some tools out there which claim to garble the bytecode in such ways that the JVM can still use it but decompilers cannot.
I've never tried them so can't tell you their effectiveness.
The first thing to do is turn off debugging info in your release build using the -g:none option of javac.
 
Pradeep bhatt
Ranch Hand
Posts: 8927
Firefox Browser Java Spring
 
Anand Sidharth
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Pradeep,
I will try using CodeShield.
Are u aware of any Freeware like CodeShield.
 
Pradeep bhatt
Ranch Hand
Posts: 8927
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anand,
Have a look at this one
http://www.jproof.com/
 
Tanveer Rameez
Ranch Hand
Posts: 158
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
jarsafe is a good tool .It converts all class files in a jar into .jarsafe files after encrytping them...i used it and it weas effective. but now jarsafe is not found online. Can anyone tell me where i can get jarsafe..even its trail verison?
its old site was http://jarsafe.com
 
Mr. C Lamont Gilbert
Ranch Hand
Posts: 1170
Eclipse IDE Hibernate Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, it is impossible and all attampts to claim otherwise are false. If you allow your program to run, then it must be decrypted during or before that time. Thus, whoever can run your program can see the class files for it and can decompile them.
Any real solution must involve DRM.
 
Jim Yingst
Wanderer
Sheriff
Posts: 18671
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
[CLG]: No, it is impossible and all attempts to claim otherwise are false.
Well, it's always going to be possible to recover JVM bytecodes from the jar file. But with good bytecode obfuscation it can be difficult to recover a human-readable version of the source code. At the very least, you can replace all your helpful variable and method names with names lie a, b, c(), d(), etc. I haven't kept up with the state of the art in obfuscation, so I don't know just what else is possible, and how good decompilers have grown in response. It will probably always be possible for others to reverse engineer your work if they're determined enough - but at least, you can make them work for it.
 
Dirk Schreckmann
Sheriff
Posts: 7023
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When you're searching around for such a tool, the keyword to use is "obfuscator" or "Java code obfuscator", since such tools are called obfuscators.
[ I swear Jim's post wasn't here a minute ago. ]
[ January 09, 2004: Message edited by: Dirk Schreckmann ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic