Greetings to the authors! I'd like to ask a question that's been bugging me for quite some time, never really searched for an answer though, some of them are a bit fuzzy.
Excuse my really generic question, I'm a student and just started building more complex applications.
Let's say I'm making a Java app and want to go commercial with it, how can I ensure that my program is safe from being pirated? I keep hearing that Java is really easy to decompile, so is my source code safe at all?
I hope the question is on topic, don't want to be too noob about it!
Ah yes, I've used that decompiler on a jar once and got all the code. Licensing seems interesting, I'll take a look into that for the sake of looking.
Paul's counter-question got me thinking. I suppose having the code is worse than having the compiled classes. You can change it and/or claim it your own, while having the compiled classes would have you decompile them and go through that thing Java does, where it "scrambles" the method names making them hard to understand.
I think you misunderstood Paul's point. By "source code" he meant the result of the decompilation, not that you would actually ship your source code with the binary.
The question was more along the lines of "what could an adversary do with it"? "Claim it as his own" is unlikely to stand up in court. If there are business secrets in it, or if an altered binary could cause trouble, then you likely need a combination of licensing and an online component that the app checks in with (which runs crucial parts of the code that are not in the app).
There's a couple of assumptions in your original question which bear looking at.
First of all, the idea that you might be writing a commercial Java application. There are very few of these things in real life. So the chance that you might actually do that at some time in the future is very low.
Second, the idea that having the source code to something makes it easier to steal. There are thousands of open-source Java products out there -- those are products which you can download and use more or less freely, and to which the source code is freely available. You are even free (subject to the product's licence) to modify that source code and redistribute the modified product. That's called "forking" in the open-source world. And yet forking happens very rarely.
So to summarize: the chance that you will actually produce a commercial Java application is very low. And if you did, the chance that anybody would want to distribute a modified copy of that application is also very low.