Protection of class files

Bo Rasmussen · Nov 18, 2003

Hi,

We're currently investing a lot of development effort in a very
general product, which may be utilized by bad guys in our business
domain. We would ofcourse like to protect this investment.

Can obfuscators do anything really effective to this end ? Isn't it
always possible to decompile code and use refactoring tools to get a
reasonably understandable set of sourcecode?

In our case the product may be deployed as an interface using JAVA or
a COM interface. Naturally we don't want to obfuscate or change the
interface classes as this would make our documentation hard to read!
It would be nice if the interface classes could remain clean but the
rest of the code encrypted/obfuscated.

Does anybody have experiences on this subject?

Regards
Bo

ScoobyCed · Nov 18, 2003

Bo Rasmussen said:
Hi,

We're currently investing a lot of development effort in a very
general product, which may be utilized by bad guys in our business
domain. We would ofcourse like to protect this investment.

Can obfuscators do anything really effective to this end ? Isn't it
always possible to decompile code and use refactoring tools to get a
reasonably understandable set of sourcecode?

In our case the product may be deployed as an interface using JAVA or
a COM interface. Naturally we don't want to obfuscate or change the
interface classes as this would make our documentation hard to read!
It would be nice if the interface classes could remain clean but the
rest of the code encrypted/obfuscated.

Does anybody have experiences on this subject?

Regards
Bo

There is no real way to protect JAVA code to be recovered to source code.
With time and patience, anybody who NEED to find your JAVA source code will
succeed. I heard of a product that says it use a smart way to prevent
reverse engineering (sorry I forgot the name... you can find it on some
posts dating a few months ago). There are two way, however not to give
anything to the users:
- use of an application server that you own;
- use C language for the business logic/smart logic that you want to
protect, build a dll or so or jnilib, and use JNI to interact with it.
There is also a new thing that might work if you use windows OS, ActiveX (
but I have no experience on it).

Scooby-Ced
----------------

ak · Nov 18, 2003

if you have a really big project with thousands of classes, then it can be
pretty wearying to read class a.b.c.d extends c.d.a and so on, but not
impossible. The best tool I heard were Zelix KlassMaster.

Michael Borgwardt · Nov 18, 2003

ScoobyCed said:
There is no real way to protect JAVA code to be recovered to source code.
With time and patience, anybody who NEED to find your JAVA source code will
succeed.

This is of course also true for programs written in *any* language.

Michael Borgwardt · Nov 18, 2003

Bo said:
We're currently investing a lot of development effort in a very
general product, which may be utilized by bad guys in our business
domain. We would ofcourse like to protect this investment.

Define "bad". What exactly do you want to prevent?

Roedy Green · Nov 18, 2003

Can obfuscators do anything really effective to this end ?

see http://mindprod.com/jgloss/obfuscator.html

Bo Rasmussen · Nov 19, 2003

Michael Borgwardt said:
Define "bad". What exactly do you want to prevent?

Well, naturally we want to prevent that competitors in our market
exploit our investment. As with all investments we want ROI for us -
not our competitors!

But technically speaking we have a piece of hardware that's closely
tied to our application (which may also be deployed as an API, if some
sort of business integration is needed) Actually the
application/interface may run at our hardware as an embedded solution
also. Our software is developed to sell more hardware. The API is a
flexible implementation of a specification. So what we're trying to
prevent is that 'bad guys' reengineer our software, and change the
hardware specific stuff to suit their HW - thus reducing their time to
market.....

Roedy Green · Nov 19, 2003

Well, naturally we want to prevent that competitors in our market
exploit our investment. As with all investments we want ROI for us -
not our competitors!

I repeat http://mindprod.com/jgloss/obfuscator.html

This is more than just a list of commercial obfuscators. It is a list
of techniques of psyop warfare with the pirates.

Total protection for your software against crack	0	Jun 15, 2005
Suggestions for best way of setting up a class	0	Dec 1, 2006
Fundamentals of Financial Management Concise 7e Brigham Houston	0	May 1, 2011
word_set = set() def should_preceed_with_an(phrase): first_word =	1	Jan 26, 2013
Obfuscator, EXE, etc. - a solution	2	Apr 7, 2004
comp.lang.vhdl FAQ part 3 of 4: products & services	0	Jul 8, 2003
Asp.net Important Topics.	0	Jan 18, 2007
comp.lang.c Answers to Frequently Asked Questions (FAQ List)	15	Apr 1, 2006

Protection of class files

Bo Rasmussen

ScoobyCed

ak

Michael Borgwardt

Michael Borgwardt

Roedy Green

Bo Rasmussen

Roedy Green

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads