Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

Is Java is code safe..

  Asked By: Koila    Date: Dec 01    Category: Java    Views: 638

We know there are more decompiler available to covert class file to a java
file. How can we ensure our class is code safe. Whether I add all of them files
in to jar file would be any way useful. Jar files deployed in EJB server whether
container ensure any safety while deploying the beans (.class files).



3 Answers Found

Answer #1    Answered By: Geldefsman Bakker     Answered On: Dec 01

There are some obfuscators available that can make ur code  a little difficult to
understand on de-compiling. It basically works be replacing the names of
functions .....that makes the code un-readable. .....a search in google for
obfuscators will give you more information. end result of de-compiling will be a
difficult-to-read code......but make sure u want to do this

Answer #2    Answered By: Von Fischer     Answered On: Dec 01

My take on this is ... don't bother trying.

Anyone with enough knowledge to break the source back out of the compilation
would be quite capable of writing the stuff in the first place.

If they _really_ want to know, then they can crack it out - and I doubt that
there's any way you can stop them. I.e. if the run-time environment can make
sense of it, so can a person (given enough motivation).

Answer #3    Answered By: Lenora Green     Answered On: Dec 01

Actually some obfuscators are pretty advanced. For instance, in java
byte code  there is a goto. But the java  language itself does not
have a goto. So some obfuscators take advantage of this and put
gotos all over the place to drive the code in all different
directions. The effect this has is that even if the code can be
decompiled, it ends up looking completely different structurally then
the way it was originally written. Other obfuscation tricks do
include method renaming and messing up string literals (since they
appear in whole inside the byte code).

However, there are some risks to using obfuscators that one must
certainly consider. For instance, if you are writing a jar  that
other people can use, then you don't want to scramble the method
names since it will make it impossible for outside code to use those
methods. Also, the goto technique will lower the efficiency of code
and should not be used in critical code, which is unfortunately most
often the code you want to protect. Also obfuscators will mess up
tools such as AspectJ or JDO that work directly with the byte code to
add extra functionality to your code.

Bottom line is, you have to carefully weigh the different techniques
of obfuscation and see if there's any you can safely use. For a lot
of applications, obfuscation just isn't going to help much. But you
can at least take comfort in the fact that your local variable names
are automatically obfuscated by the compiler and all the comments are
stripped out.

Didn't find what you were looking for? Find more on Is Java is code safe.. Or get search suggestion and latest updates.