Protecting Source Code
I am developing and application that I am planning on
"leasing" out to busnesses but to keep my source code safe I will
only allow the application to be run under a hosting account that I
control so that the source is not subject to being stolen. Other
then cfencrypt (which can be decrypted) is there a way for me to
distribute my application to companies that want to outright
purchase it and allow them to install it on a different server yet
protecting the source code? Can I compile it into .jar files and us
it that way? And if so how do I do that?
Thanks,
You can deploy as a J2EE application, see:
http://livedocs.adobe.com/coldfusion/8/htmldocs/deploying_4.html#117456
Also for some tips from the trenches:
http://www.adobe.com/devnet/coldfusion/articles/ear.html
One caveat, the people you sell the application to _must_
have a valid Enterprise copy of CF or it will not deploy.
hehe, never done the above tho!
Similar Messages
-
Hi All,
We are facing the problem of source code protection because our ABAPer deceived us and left the company.
Now we can not modify / display any program developed by him. We are logging with his id also giving same message as displayed below.
The source is protected. See explanation in long text
Message no. ED800
Diagnosis
The desired source text is protected by SAP because changing it could cause system errors.
I hope we can view this code in any diffrent way as I forgot password which I used to protect it.
Please suggest your expoert solutions.
Regards,
Ramesh.>
ramesh_basis wrote:
> Hi Volker,
>
> Can you please describe your solution in details as I never heard about HEX-Editor.
>
> Please tell me step by step.
>
> Regards,
> Ramesh.
You'll have to get your basis team involved to see the transport files. Which won't be a problem if the suggestions that it's actually you who've committed the crime are false, will it? -
Easy way to protect source code from hackers?
I did a search and couldn't come up with an answer.
I added a password script for clients on my site, but I would like to be able to (inexpensively!) protect my code from hackers so they can't view passwords and usernames.
Any one know of a good place to check?
Thanks,
JimThe other methods are like putting a No Trespassing
sign on your door, hardly secure.
I AGREE. That is why I said it was a "fast fix" and I also said, "However if someone disabled javascript, they could still view your source."
Metaphorically
speaking if you want a vault with a moat get MySQL if
you want to keep your kids inside the playroom by
means of a plastic barrier then go with
Javascript/.htpasswd methods mentioned by other
inexperienced users that are only looking for a
"real fast fix".
.htpasswd is hardly the equivalent of the javascript method.
I am not looking for any fix, thanks. And I was just making suggestions, same as you.
I am not an inexperienced iWeb user. I am inexperienced with MySQL and PHP. Lucky for me, this is the iWeb forum.
If you do not think your photos are highly classified
information (or something) then you might want to
re-evaluate your professional priorities.
They are probably copyrighted, they are personal, maybe they aren't for the public eye, but they are not exactly confidential. The OP said he wanted to protect the passwords in the source code. I offered two ways to do this.
I'm sure
you do care about the security of your photos online
that's why iWebFAQ is defending your position on the
security issue since it seems like it is not that big
of a deal for some novice users that are simply
looking for kudos.
There you go, talking in third person again...
I am not looking for kudos. In fact, I challenge you, Jasper, to find a thread where I am asking for thanks or points or stars or $5 donations or whatever. Go for it. You won't find one.
Remember if you are Publishing to .mac you can set up
your own Password Protection in iWeb as Old Toad
first mentioned. This method is much more secure
than the Javascript method later mentioned in an
attempt to join this discussion.
If you need any more help setting up MySQL feel free
to contact iWebFAQ.
And for just a $5 suggested donation, you can find out all about how hackers operate. -
hai,
can u pls tell how to secure the java source code in the client place.is there any convesion method to secure the source code.Pre-judging by the way the OP communicates here, it's probably a safe bet that his code is already cryptic enough - it's probably a mess that would be hard to follow.
-
How to protect the source code?
hello everyone,
how can I encrypt the bean program, such that people cannot decompile and get the source code? Any link to useful reading would be very helpful too, thanks in advance!Just go through this query posted in the jdc forum:
Question of the week No.160: How do you protect your code from decompilers?
http://developer.java.sun.com/developer/qow/archive/160/index.jsp
Hope this clears your doubts.
ajit -
How to protect the source code in lookout
we are using the lookout 6.5 version for the automation. we want to protect the code from the end user, please confirm the possibility of the same.
The .lks file is the source file. If you give the .l4p file to end user, and the end user uses the runtime only server, they cannot modify anything. But actually they can modify the process if they have development server.
Ryan Shi
National Instruments -
when i tried to watch a tv channel on livetvchannelsfree.in it says that the source code is protected by html guardian. in firefox 3.6 beeta5 i did not come across this problem. but now in latest version i am unable to watch any tv channel. canyou please tell me how to solve this problem?
Forgotten Passcode or device disabled after entering wrong passcode
-
How to protect java source code?
Hi everybody
I love Java but I think that people can decompile my class file to take my source code!Like this program
http://kpdus.tripod.com/jad.html
How to protect our source code?Even you use Jar files, they can unzip them and decompile!
Thanks in advance!Use Java Obfuscator. Try one of these
http://preemptive.com/products/dasho/index.html
http://www.zelix.com/klassmaster/obfuscator.html
http://java-source.net/open-source/obfuscators -
How to protect JSP source code on the Server Side ?
I am new on JSP. I Already know about various Web and Desktop technologies but is the first time on JSP. I know ASP for example.
Well, about .NET platform, it protects my source code on the server, the source code is compiled and on the server, only the compiled file are installed, my source code stay with me...
About JSP, how it works about ? Is possible to hide my source code too ? What the technique to hide the codes ? I need to prevent access to my source codes...
Robertoroberto.novakosky wrote:
About .exe files, do you know if a java class is more easy or dificult to do reverse engineering ?Depends on who your enemy is. If it's for example a hacker with a lot of C knowledge but zero of Java knowledge, reverse engineering .exe would be easier than .class. If one was interested, one would always take time to learn how to decompile the one or other. Making files secure is a waste of time. It's always "hackable".
If there was a proof of concept, no one major software vendor would have had so much problems with piracy and cracks/keygens. Think about it once again. It's simply impossible. Just have a clear EULA and actually make work of it whenever you discovers if someone breaks your EULA.
I was thinking about, the .JSP can be converted to servlet .java, and converted to .class, this way hide the source code.Once again, one could still decompile it (or reverse engineer, so you call). -
How to protect ADF Application Source code
Hi,
There is an ADF Application which needs to be given to a client. The client will deploy the application.
How do i protect the source code giving to the someone from the ADF application. ?An ear file don't need to contain java source files, but is can.
Sure you can create an ear without the source files. You define what goes into the ear yourself (source files are normally not included). The deployment descriptor you used to create the ear defines what file (contributors) are in the ear. Check the applications deployment descriptor and change it in a way that the sources are not included.
Timo -
I heard about the possibilty of decompiling the java code and getting back the source code, is this flaw specific to java or is it common among all programming langauges?
how is it possible to protect the source code? and how expensive is the solution?
thank youThis is not a flaw!
Java is compiled on the byte level not bit level. This is so because the same class can run on Windows, Solaris, Linux and Unix. This makes the execution a little bit slower and easier to decompile but a small price to pay for cross platform compatibilty. -
I heard about the possibilty of decompiling the java code and getting back the source code, is this flaw specific to java or is it common among all programming langauges?
how is it possible to protect the source code? and how expensive is the solution?
thank youBack to poster: To my knowledge, the ability tode-compile back to valid source code is unique to
Java.
No it's not. Any program files can be decompiledback
to source code.
If not their original C or C++ code, then at least
assembly code.You cannot decompile C or C++ code to anything but
assembler language. Which even when written by a good
programmer is considered obfuscated by others. I
doubt that anyone has lifted C or C++ code from
another application using a decompiler.yes you can, all binaries can be reverse compiled, logically speaking they have to be!
However, the readability of the output is not going to be as high as that obtained from decompiled java.
>
I would say that de-compilation is not a flaw in Javawhen compared to
powerful features it has to offer. Of course it's a flaw (so I disagree with you here).
People don't want this behavior, but it exists. As I
stated earlier (and I'm agreeing with you on this
one), it was an issue of priorites, and the
developers of Java decided that it was OK because it
allowed "powerful features"...it is a feature - whether it is a desirable feature is another argument entirely.
>
Here's a list of projects where the developers arenot interested in
hiding the source code from you, in fact they let youhave it for free:
Notice the words developers, not software companies.
I believe in open source and participate in it when
not bound by non-disclosure which is 99% of the time.
But I would stand by my statement that there are no
o software companies selling retail software that
believe the ability to decompile Java back to Java
source code is OK or good for them in anyway. I would
gently suggest that providing open source code, and
providing the ability to decompile to source code
really don't belong in the same discussion...Protecting code is not the job of programmers, it is the job of the Law.
rob, -
Hi,
It is possible to encrypt or protect the source code for an apex application.
I want to make sure nobody can export my application or at least that is not legible to protect the logic.
Any suggestions or workaround?
Thanks!!!!Hello Oliver,
You cannot encrypt the data in the apex tables (unless you use encrypted tablespaces, but then still you can access the data using an oracle front end). But you can use database packages (procedures/functions) to store your logic (and just call these functions from within apex). And you can wrap the source code of those packages..
Greetings,
Roel
http://roelhartman.blogspot.com/
You can reward this reply by marking it as either Helpful or Correct ;-) -
I have been going in circles trying to resolve how to ensure know one can easily see the VBA code I have written. it's dumbfounding to think source code can't be obfuscated. It seems password protecting can be broken in seconds. VSTO of VBA does not seem
to help (I created an AddIn), but the vba is visible. Is there a way to create compiled code? If so is there an example with source code I could learn from. I thought Visual Basic did this.
Thanks
AdamYes, you're right. VBA code is quite easy to break, and currently there is no way to obfuscate it natively.
However there are serveral tools that obfuscate VBA code, and you would use it before distributing your app.
I've never used myself any of those tools because I currently don't need to proctect my code, but I've tested some for fun and they're quite good. It renames everything in your code, making the VBA code virtually impossible to comprehend without losing functionality.
Try searching for "VBA Code Obsfuscator" that you might find something that suits you.
Felipe Costa Gualberto - http://www.ambienteoffice.com.br -
hi
How I can protect my source code from a decompilation in a J2ee
environment. I search a effective means for protecting the source code,
and that is not a handicap in term of performances.
I must to crypted the source code or to use an obfuscator (which is most
effective)?
regardsIn a J2EE environment, obfuscating your code should make sense only if you're a library or components developer, and you have to supply class files to your clients and don't want them to be able to reverse-engineer.
If you do not supply libraries, your code is on the server, and you shouldn't need to obfuscate anything.
Of course, if some intruder gets access to your server machine, the above does not hold anymore. However, I suspect that you'll have much bigger worries in this case than the mere possibility of the intruder decompiling your code....
Maybe you are looking for
-
Run-Time error '-2147417848 (80010108) in Crystal Report on SAP BW Query
I have installed Crystal Report 2008 SP1 and the Business Objects Integration kit for 3.1 but when I try to create a report on top of an SAP BW query using the toolbar, after entering the logon parameters for SAP BW, I get a error message : Run-Time
-
This is a question from a previous post that said it was answered but the answer was not in the post. I am having the same issue now. We are trying to integrate BI system with the SQL Server Reporting services. We are able to successfully view the In
-
Check on what - while infinity engineer on site in...
When the engineer comes to install Infinity (theoretically next Wednesday) what should I make checks on before the engineer leaves?
-
How to check whether a checkbox is checked or not
hi all, how should i check whether a checkbos is checked or not. if it is checked then a parameter should be made as enabled can i make it in report program.. thanks and regards, yogesh
-
Io7 download, unable to use my phone hellppp :o(
Hello i downloaded the new io7 software last night on my phone whilst I had it charging. I heard it would take a while so I went to bed and left it to run. I woke this morning to see the new changes and I couldn't access my phone. All it's been showi