Sorry I am not very sure how to state the question title. My problem is like this, I had developed a Java program, and I wish to distribute it to my friends. So I export it to Jar file, but I don't want them to extract the jar file to view the code. Is there anyway to make the program so that nobody can get the source code instead just launch the program.
+2
A:
Jar files typically do not contain code. They usually only contain the .class (bytecode) files necessary to run the program.
amphetamachine
2010-09-11 09:56:29
Depends on how much effort your friends are willing to make. Ultimately, java can always be decompiled / transformed to something human readable.
Michael Clerx
2010-09-11 09:59:31
For normal online downloadable software right the exe installer, we cant get the class file, how they did it?
2010-09-11 10:05:51
+11
A:
You can always get the original code back from compiled class files. However, you can make the lives of those who wish to decompile such code very difficult by using an obfuscator, so the decompiled code is nearly impossible to read. Here is a list of open-source java obfuscators which you might wish to investigate.
Nik Reiman
2010-09-11 10:04:04
depends on the decompiler recognizing the patterns of the code generated by the compiler.
Thorbjørn Ravn Andersen
2010-09-11 10:19:17
+3
A:
- The term you are looking for is obfuscation. Ultimately
At best, obfuscation merely makes it time-consuming, but not impossible,to reverse engineer a program.
- Another technique is SaaS. Though ultimately using black box techniques SaaS is also reverse-engineerable.
- Another technique is trust. Since you are distributing it to your friends, you could ask them to not extract the jar file or view the code. If they are really your friends, they will honor your request.
emory
2010-09-11 10:20:56
If for normal online software example like MpTrim, Wavtrim we cant do reverse-engineer. How they did it? They got only one application type file.
2010-09-11 10:31:54
emory
2010-09-11 10:49:09
A:
You could execute part of your program on a server. Basically to execute some important, large and central function of your program, the clients contact your server to compute this function.
Then you can distribute the clients to everybody, and keep the server code for your self. Just keep the server running. Then the others can't get access to whole source, but can execute the software.
This is the only sure way to do this. Other ways can be circumvented in some ways with enough effort.
Juha Syrjälä
2010-09-11 10:36:38
+6
A:
If a computer can run it, a human can reverse engineer it.
Thorbjørn Ravn Andersen
2010-09-11 10:37:50
+4
A:
The truth is that nobody wants your source code. It's pretty arrogant to think that it'd be worth the effort required to keep them out.
The best you can do is obfuscate.
duffymo
2010-09-11 17:29:21
Really? Please explain - I doubt that you'll convince me. If you can decompile WebLogic, a commercial Java EE app, I see no reason to worry about it for something of lesser value. If you need to secure something from clients, then it should be running on a server that they don't have access to.
duffymo
2010-09-11 17:50:54
It's also pretty arrogant to think u can come up w/something so brilliant ur friends will never be able to black-box reverse engineer it.
emory
2010-09-11 22:35:02
I just wanna know how those commercial java desktop application protect their source code.
2010-09-12 02:31:24
They don't. Try taking JAD and decompiling their .class files sometime. At best, they're obfuscated. At worst, you can still read the original source.
duffymo
2010-09-12 03:02:35
A:
You appear to be confusing the installation application with the executable. And I also think you are confusing a java jar application with a normal .exe.
Even then, these are all just bundles of code which can still be decompiled, it's just not as easy as unpacking a jar file, which are designed to be easy to extract.
Java is designed to run on the JVM, so packing it inside a .exe is poor form as that immediately locks it onto Windows, which defeats the point of Java in the first place. So I would advice against that.
As everyone has stated, it is rare that if your program works well and you users like it, that they would even think to decompile it. But if they want to they are just a single web search from a how to anyway (regardless of the language). With regards to commercial distribution, most cases the software is obfuscated and distributed in it's .jar, with with a architecture specific launcher of the form .exe, .app, .bin etc. Do not confuse those with the actual executable which is generally a .jar file somewhere.
jackta101
2010-09-12 12:30:26