I am developing a security software and want to obfuscate my java code so it will become impossible to reverse engineer. What is the most reliable java obfuscator ?
+14
A:
First, you really need to keep in mind that it's never impossible to reverse-engineer something. Everything is hackable. A smart developer using a smart IDE can already get far enough.
Well, you can find here a list. ProGuard is pretty good. I've used it myself, but only to "minify" Java code.
BalusC
2010-03-29 11:50:30
@BalusC good point +1
c0mrade
2010-03-29 11:51:04
+2
A:
I think that Proguard is the best. It is also possible to integrate it with your IDE (for example NetBeans). However, consider that if you obfuscate your code it could be difficult to track problems in your logs..
andrew007
2010-03-29 11:53:25
+1 for "consider that if you obfuscate your code it could be difficult to track problems in your logs". Just when you thought that debugging was hard enough...
Adam Paynter
2010-03-29 11:58:15
A good obfuscator that change names and line number information should produce a log with which to reverse the process. This way at least stack traces remain useful for obfuscated binaries.
Joachim Sauer
2010-03-29 12:06:47
A:
I used to work with Klassmaster in my previous company and it works really well and can integrate pretty good with build systems (maven support is excellent). But it's not free though.
Rusty
2010-03-29 11:56:32
+1
A:
As said elsewhere on here, proguard is good, but what might not be known is that there is also a third-party maven plugin for it here http://pyx4me.com/pyx4me-maven-plugins/proguard-maven-plugin/...I've used them both together and they're very good.
James B
2010-03-29 12:30:30
A:
If a computer can run it, a suitably motivated human can reengineer it.
Thorbjørn Ravn Andersen
2010-03-29 12:48:09
A:
We've had much better luck encrypting the jars rather than obfuscating. We use Classguard.
BG4
2010-03-29 14:19:04
If you have not read "Cracking Java byte-code encryption" (http://www.javaworld.com/javaworld/javaqa/2003-05/01-qa-0509-jcrypt.html) by Vladimir Roubtsov, you may wish to do that now.
Dmitry Leskov
2010-04-08 06:00:20
+1
A:
Check out my article Protect Your Java Code - Through Obfuscators And Beyond for a discussion of obfuscation vs three other ways to make the reverse engineering of your apps more expensive, and a collection of links to tools and further reading materials.
Dmitry Leskov
2010-04-08 05:58:06
A:
It is true that it is always possible to reverse engineer some code, just like it is impossible to protect a house in order so nobody can ever steal from it. That does not keep me from locking the door, though. Actually, I am not in the java world, I use BitHelmet for .net.
Daniel Dolz
2010-04-09 11:46:04