How to protect Java codes against decompiler? [closed]

Answer 1

My advice is that if you are really serious about this, you should only release the demo software to people who have signed a legally binding non-disclosure agreement. And be prepared to go to court if they breach the agreement.

By all means, obfuscate your demo application, etc as well, but don't imagine that this will stop a determined hacker from discovering the "secret sauce" in your application. It is not possible to prevent this, in theory and in practice. Piracy is inevitable if you use the pay-for-license model of monetizing your software.

(Actually, it is theoretically possible, but only with a totally secured platform like TPM. And that ain't an option for you. Trust me.)

Answer 2

You can't protect the class files from a decompiler and from malicious users. However the output of the decompiler may not be valid java.

The best method is to document your API (assuming this is available for your customers to use) and application very very well. And have your support personnel be able to resolve API and application issues. Then your customers will have no reason to want to use a decompiler to explore why things are not working correctly.

Answer 3

You can try open source project proguard

Answer 4

Everything is hackable. Just have a solid EULA and put the efforts in there instead of wasting them to hopeless attempts to protect the code.

Answer 5

In fact, not only Java, silverlight and flash also have the same issue. Anyone who downloaded the package can decompress and then decompile to reverse engineer your code.

I agree with Saas will be the best solution, having the web service to handle all the underlying logic and provides data establishes a relatively secured & isolated layer to the end clients to consume data.

Answer 6

What about encrypting your class files and using a customised classloader to load your class files ?