How to lock compiled Java classes to prevent decompilation?

by

Some of the more advanced Java bytecode obfuscators do much more than just class name mangling. Zelix KlassMaster, for example, can also scramble your code flow in a way that makes it really hard to follow and works as an excellent code optimizer…

Also many of the obfuscators are also able to scramble your string constants and remove unused code.

Another possible solution (not necessarily excluding the obfuscation) is to use encrypted JAR files and a custom classloader that does the decryption (preferably using native runtime library).

Third (and possibly offering the strongest protection) is to use native ahead of time compilers like GCC or Excelsior JET, for example, that compile your Java code directly to a platform specific native binary.

In any case You’ve got to remember that as the saying goes in Estonian “Locks are for animals”. Meaning that every bit of code is available (loaded into memory) during the runtime and given enough skill, determination and motivation, people can and will decompile, unscramble and hack your code… Your job is simply to make the process as uncomfortable as you can and still keep the thing working…

More Related Contents:

  1. How can I tell if I’m running in 64-bit JVM or 32-bit JVM (from within a program)?
  2. How to see JIT-compiled code in JVM?
  3. What is the exact meaning of static fields in Java?
  4. How to activate JMX on my JVM for access with jconsole?
  5. Getting Java version at runtime
  6. Increasing the JVM maximum heap size for memory intensive applications
  7. How to find the JVM version from a program?
  8. How to tune Tomcat 5.5 JVM Memory settings without using the configuration program
  9. How do I find out what keystore my JVM is using?
  10. Error launching Android Studio: Failed to create JVM: error code-6
  11. JVM option -Xss – What does it do exactly?
  12. JFrame.dispose() vs System.exit()
  13. What is the JVM thread scheduling algorithm?
  14. try with resources introduce unreachable bytecode
  15. When will JVM use intrinsics
  16. Setting JVM/JRE to use Windows Proxy Automatically
  17. Would Java inline method(s) during optimization?
  18. Java VM: reproducible SIGSEGV on both 1.6.0_17 and 1.6.0_18, how to report?
  19. How to set timezone to UTC in Apache Spark?
  20. Why defining class as final improves JVM performance?
  21. What is the default maximum heap size for Sun’s JVM from Java SE 6?
  22. Why is there no GIL in the Java Virtual Machine? Why does Python need one so bad?
  23. Java’s “os.name” for Windows 10?
  24. How does the JVM terminate daemon threads? or How to write daemon threads that terminate gracefully
  25. Is it possible to use sun.misc.Unsafe to call C functions without JNI?
  26. JVM_FindSignal function continuously allocates native memory
  27. Is it good to set the max and min JVM heap size the same?
  28. Which real-time (RTSJ) JVM is most preferred? [closed]
  29. Measuring time spent on GC
  30. Release java memory for OS at runtime

Leave a Comment