Easy to Learn Java: Programming Articles, Examples and Tips

Start with Java in a few days with Java Lessons or Lectures

Home

Code Examples

Java Tools

More Java Tools!

Java Forum

All Java Tips

Books

Submit News
Search the site here...
Search...
 
Search the JavaFAQ.nu
1000 Java Tips ebook

1000 Java Tips - Click here for the high resolution copy!1000 Java Tips - Click here for the high resolution copy!

Java Screensaver, take it here

Free "1000 Java Tips" eBook is here! It is huge collection of big and small Java programming articles and tips. Please take your copy here.

Take your copy of free "Java Technology Screensaver"!.

I am going to use ''a code obfuscation'' to prevent it from stealing. Are there

JavaFAQ Home » Security Go to all tips in Security


Bookmark and Share

Question: I am going to use "a code obfuscation" to prevent it from stealing. Are there some recommendations to make my code even more protected?

Answer: Yes. Exist a few code obfuscation products, one of them is JProof.
Personally, I think that this product is one of the best tools that you can find today.
To achieve maximum bytecode protection level you can use several techniques that allow to do better protection with JProof:

  1. Make your methods and fields as much private as possible. Usually a lot of stuff does not need to be accessed from the other classes. The good style is to mark such stuff as private (by adding "private" modifier to the field or method declaration). Additionally, this will little bit improve your application's performance.
  2. If you can not make field or method private, try to make it "package". Simply do not use any of public, private or protected modifiers in field or method declaration statement, and they automatically will be marked as "package" by Java compiler. Note that both public and protected members can be referenced from the other packages.
  3. Minimize inter-package references. All of the inter-package interaction should be performed via public interfaces and public classes.
  4. If some classes in package do not referenced from other packages, remove the "public" modifier from their declarations. In this case, Java compiler will mark these classes as "package", and JProof will be able to rename them and hide their actual names. Note that non-public class can implement public interfaces and publish some methods.
  5. Change direct field access to set/get methods access. Mark a field as private and add two methods for getting and setting field. This will improve protection within the class. You can leave usual (direct) field access for "package" (no-modifier) fields.
  6. Implement "grouped" (joint) get/set methods where performance is not critical and where you need to make the best protection. To do this, add new method with one additional int parameter that will indicate which exactly action need to be performed. Mark methods called from within it as private. This will reduce the number of public methods. Sometimes this technique is called as "join methods". It is possible to join methods with similar signatures (not parameter names or sense) and add int "FnCode" parameter to new method's signature.
  7. Use resource bundles to hold string constants. This will improve the localizability of your software and will
    make more difficult human reverse-engineering.
  8. Try to decompile your software yourself with all known Java decompilers.
    This will help you to ensure that you are protected from most of Java decompilers. You can find a list of Java decompilers in the Decompilers section of "More Info" FAQ.
    You can find this tool at: http://www.jproof.com/index.html

*******************************************
Our older tips: March 22, 2001 - October 21, 2002 READ HERE
All published and not published on the site tips read HERE


 Printer Friendly Page  Printer Friendly Page
 Send to a Friend  Send to a Friend

.. Bookmark and Share

Search here again if you need more info!
Custom Search



Home Code Examples Java Forum All Java Tips Books Submit News, Code... Search... Offshore Software Tech Doodling

RSS feed Java FAQ RSS feed Java FAQ News     

    RSS feed Java Forums RSS feed Java Forums

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest 1999-2006 by Java FAQs Daily Tips.

Interactive software released under GNU GPL, Code Credits, Privacy Policy