I have made java application ( web pages using jsp) and i want to sell it to one of the clients , i am going to give them the war file of the application , i want to encrypt the war file so that they can not see the source code ........... is there any way to protect my source code ( java classes , web pages ......)
It has repeatedly been stated that real pirates only consider DRM as entertainment, and generally manage to crack protection fairly quickly. Obviously, if you use industrial-grade encryption, that wouldn't be directly true, but you'd have to provide a custom classloader to decrypt the code and that could be attacked, or the user could put a watch on the bytecode execution process.
As they say, "locks are for honest people". DRM costs money to implement, diverts resources from the development of the actual product (meaning that quality usually suffers), rarely stays secure for long, and tends to be abusive and annoying to the paying customers. Oh yeah, and it's a to do field debugging on.
In my case, it's pretty much a deal breaker. I buy eBooks from O'Reilly & Associates, precisely because they sell DRM-free books. I've been known on more that one occasion to pay a premium price for DRM-free software.
Customer surveys are for companies who didn't pay proper attention to begin with.
Luigi Plinge wrote:Try Proguard - it will compress and (indirectly) obfuscate your code - or you could try a dedicated code obfuscator.
Or how about turning your code into an applet so you don't have to give him the files at all.
Er, you do realize that applets function by downloading the code straight to the client!!!
I laugh at obfuscators. Back in the early 1980's I wanted to use Microsoft's MASM as the back-end to my C compiler of the day. As shipped, it didn't work. So I disassembled and de-obfuscated the assembly-language code by hand and patched it to do what I wanted. That was in the days before the DMCA.
In school, I disassembled IBM's FORTRAN runtime libraries and I still have the code in old notebooks. I did so much of that that I can disassemble IBM mainframe machine code in my head. Of course, since then, I've also acquired the source code to those libraries, since that was before IBM went OCO.
When I say "locks are for honest people", I'm not just quacking a party line. I'm speaking from experience.
Luigi Plinge wrote:Or how about turning your code into an applet so you don't have to give him the files at all.
Not so. When you run an applet in your browser, the applet's (executable) code is cached somewhere on your computer. It isn't hard for the pirate to find out where.
I find it hard to believe that you have written a web application for a client which can be copied and installed -- and used -- somewhere else. Web applications are very rarely general-purpose applications, and the ones which are worth money to a customer are almost always written specifically for that customer.