Creating non-reverse-engineerable Java programs

Question

Is there a way to deploy a Java program in a format that is not reverse-engineerable?

I know how to convert my application into an executable JAR file, but I want t

Answer 1

This is impossible. The CPU will have to execute your program, i.e. your program must be in a format that a CPU can understand. CPUs are much dumber than humans. Ergo, if a CPU can understand your program, a human can.

Answer 2

Make it into a web service. Then you are the only one that can see the source code.

Answer 3

It can not be done. This is not a Java problem. Any language that can be compiled can be decompiled for Java, it's just easier.

You are trying to show somebody a picture without actually showing them. It is not possible. You also can not hide your host even if you hide at the application level. Someone can still grap it via Wireshark or any other network sniffer.

Answer 4

It can't be done.

Anything that can be compiled can be de-compiled. The very best you can do is obfuscate the hell out of it.

That being said, there is some interesting stuff happening in Quantum Cryptography. Essentially, any attempt to read the message changes it. I don't know if this could be applied to source code or not.

Answer 5

Having concerns about concealing the code, I'd run ProGuard anyway.

Answer 6

You're writing in a language that has introspection as part of the core language. It generates .class files whose specifications are widely known (thus enabling other vendors to produce clean-room implementations of Java compilers and interpreters).

This means there are publicly-available decompilers. All it takes is a few Google searches, and you have some Java code that does the same thing as yours. Just without the comments, and some of the variable names (but the function names stay the same).

Really, obfuscation is about all you can get (though the decompiled code will already be slightly obfuscated) without going to C or some other fully-compiled language, anyway.