Menu
One can easily extract the .jar file and see source code. I want to protect the source code from being seen. One possible answer is to password protect the file like we do it for zip files.
But, if the password is known, then the source code can be easily seen.
Are there any ways of hiding the source code and still have it be able to run? Something similar to what a .exe does in Windows. This should run in both windows as well as Linux environment.
638
Jar files are archive files that contains of a lot of different java classes (files). You can use winzip/winrar to open the jar files and you can see those java classes in jar files. Typically you can use a Java decompiler to decompile the class file and look into the source code.
Jar files are not encrypted. They are . zip files. You can encrypt any file using Java if you want.
One can easily extract the .jar file and see the source code.
Strictly speaking, that is not true. Unless you've actually included the source code files in the JAR, someone cannot see the original source code. But they can (typically) decompile the ".class" files in your JAR file to Java source code that is functionally equivalent to your original source code.
As other answers have stated, you can make it harder for someone trying to reverse engineer your code; e.g. by using an obfuscator, or custom classloader that decrypts code that is stored in encrypted form in your JAR file. But nothing you can do is sufficient to prevent a determined hacker from defeating your measures. NOTHING.
The only practical way to protect your code against reverse engineering is to not release it. Or use software licensing or other legal means to achieve your ends.
109
If you intend to simply discourage casual viewers then any of the many code obfuscation tools for Java would probably be of help. It will mess the bytecode enough to make your algorithms less obvious.
If, on the other hand, you need "absolute" protection, any encryption/obfuscation tool would be useless - if your computer can run it then a determined and knowledgeable attacker would be able to eventually figure out how your code works.
A couple of possible solutions:
Use a client/server architecture to run the proprietary parts on computers that you own, so that you do not have to include the more interesting part of your code in your client application. Naturally this solution is not always feasible for a variety of reasons.
Hire a couple of lawyers that specialize in Intellectual Property issues and patent your algorithms. In my opinion this is far batter an alternative than trying to force a technical solution on a non-technical problem...
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
