There are java class obfuscators available for preventing this kind of thing.
You can run a utility called tdump supplied with Borland's free compiler on
dll's, etc, and explore them as well.
Windows machines come with a now obscure program call debug from which
anyone can explore what's in memory, etc. Just type in debug from a
command prompt.
It comes down to a basic fact that you can reverse just about everything,
depending on how much time and resources you want to spend. Nothing is
absolutely secure. Security is a relative thing. It sure is fun figuring
out how things are put together though.
Charles
At 02:58 PM 4/5/2002 -0800, you wrote:
>Only if you consider security-through-obscurity to be REAL(tm) security.
>
><steven.sporen_at_za.pwcglobal.com> on 04/05/2002 05:17:19 AM
>
>To: vuln-dev_at_securityfocus.com
>cc:
>Subject: JAVA more insecure than true compiled code?
>
>
>
>Hi,
>
>I was wondering what people's thoughts are regarding the security of code
>written in JAVA, I recently reverse engineered a product with a freely
>available JAVA decoder and found that it produced code with variable names
>imports etc, making it very easy to find out how it hung together. Could
>this be construed as a security flaw with JAVA?
>
>Thoughts comments are appreciated.
>
> Steven
>----------------------------------------------------------------
>The information transmitted is intended only for the person or entity to
>which it is addressed and may contain confidential and/or privileged
>material. Any review, retransmission, dissemination or other use of, or
>taking of any action in reliance upon, this information by persons or
>entities other than the intended recipient is prohibited. If you received
>this in error, please contact the sender and delete the material from any
>computer.
Received on Apr 06 2002
Intro
