Re: encrypted source file support in jdk?
rossum wrote:
On Thu, 27 Sep 2007 14:17:55 +0200, Tom Forsmo <tom@nospam.org> wrote:
Encryption is a solution to a problem. Since I am not clear what your
roblen is then is is difficult for me to suggest a solution, or even
if encryption is the right solutin to your problem.
You want to protect your source files. Why? Do you have some
super-secret algorithm in your program that a competitor wants to get
their hands on?
Sorry to have to say this, but why is none of your business.
Every company has its intelectual property it wants to protect, if not
then lets just open all gateways and firewalls. That does not seem right
does it?
Try a little more open minded thinking next time you ask questions, dont
just assume the person you are talking to is asswipe.
Are you writing a virus that you want to encrypt so that it avoids
virus detectors?
Do you want to stop people copying your code and running it without
paying you?
If you are so interested in keeping your source code secret, then why
are you using Java? C++ with a highly optimising compiler will do
more to obscure the source code than any Java obfuscator.
read the original post a little close or read my other replys, maybe you
find some asnwers.
some details:
To answer the typical question first. For this scenario I am not
interrested in encrytpted filesystems, because it still leaves the
files vulnerable as long as the filesystem is mounted. The secrecy of
the files can still be compromised from hacking, virus, trojans, skype,
xss and all other sorts of system hacking. With encrypted files the
information in the files are still protected, even in the case a trojan
sends a file by email to somebody on the internet.
No. Any piece of memory can be copied to the swap file, so in
principle anything that is in memory can also appear on disk. Since
at some point the executable byte code, and the executable machine
code, must be in memory then the level of security you seem to be
looking for is not possible.
That is why i mentioned encrypted filessystem to protect the system, and
that includes protecting swap as well.
Enctrypted filesystems only help protect the integrity of the local system and the
disk while the system/disk is not running. Encrypted files help protect
the information during use as well.
I know there are many other issues as well, I'll be working throuhg it.
here is the list of the issues of most importance:
- en-/decryption support in
- ide / editor
- compiler
- code searching tools
Do you want to encrypt your source files during development as well as
during operation?
at least until the product is released to the public.
regards
tom