Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / January 2007

Tip: Looking for answers? Try searching our database.

Protect class files from decompilation

Thread view: 
Enable EMail AlertsStart New Thread
Dave - 09 Jan 2007 23:18 GMT
I understand that it is relatively easy to decompile Java class files into
source code.

How can I protect my application from being decompiled?
Reply to this Message
Alex Hunsley - 10 Jan 2007 00:29 GMT
> I understand that it is relatively easy to decompile Java class files into
> source code.
>
> How can I protect my application from being decompiled?

You can't. What you can do, however, is use an obfuscator (e.g. ProGuard
- google for "java obfuscator" for more) which makes the resulting
decompiled code harder to understand/reuse/ripoff. Obfuscation usually
reduces the compiled bytecode size too.

All
Reply to this Message
Dave - 10 Jan 2007 10:03 GMT
>> I understand that it is relatively easy to decompile Java class files
>> into source code.
[quoted text clipped - 5 lines]
> decompiled code harder to understand/reuse/ripoff. Obfuscation usually
> reduces the compiled bytecode size too.

Sounds good, thanks.
Reply to this Message
Andreas Leitgeb - 10 Jan 2007 14:42 GMT
>> I understand that it is relatively easy to decompile Java class files into
>> source code.
>>
>> How can I protect my application from being decompiled?
>
> You can't. What you can do, however, is use an obfuscator ...

Or better yet, write code that you don't need to
feel ashamed of to show.  ;-)

scnr.
Reply to this Message
Lew - 11 Jan 2007 07:50 GMT
Dave wrote:
>>> How can I protect my application from being decompiled?

> Or better yet, write code that you don't need to
> feel ashamed of to show.  ;-)

Or write code that performs so awfully that no one would want to decompile it.

Seems stupid, but I've seen an awful lot of code in production that seems to
follow that philosophy.

- Lew
Reply to this Message
Alex Hunsley - 10 Jan 2007 00:30 GMT
> I understand that it is relatively easy to decompile Java class files into
> source code.
>
> How can I protect my application from being decompiled?

Forgot to add - one 'defence' is to not give them your class files at
all, but present your code as a web application (e.g. using Tomcat +
servlets). May not be practical though.
Reply to this Message
xmx - 10 Jan 2007 04:16 GMT
Maybe you can encrypt your class file and implement your own classloader

> I understand that it is relatively easy to decompile Java class files into
> source code.
>
> How can I protect my application from being decompiled?
Reply to this Message
Laurent D.A.M. MENTEN - 10 Jan 2007 10:54 GMT
> Maybe you can encrypt your class file and implement your own classloader
>
>> I understand that it is relatively easy to decompile Java class files
>> into source code.
>>
>> How can I protect my application from being decompiled?

And as the custom classloader has to be be shipped with the encrypted
class...
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.