Re: Obfuscators
bbound@gmail.com wrote:
Open source it and all competitors will quickly achieve feature-
parity, and the main differentiator will then be support and in-house
expertise. The original developers will have an edge there, if they
can keep it.
Name open source products feature-parity with the following products:
* Photoshop (GIMP does not count, it can't do the most complex stuff)
* Excel and PowerPoint (not KOffice, OpenOffice, StarOffice, or Google
Docs. There's another product I'm forgetting, but that's also crap.)
* Mathematica or Maple
* Half-Life 2, Portal, or practically every computer game in existence
* Jad (particularly relevant here!)
Now, I'm as big a supporter of open source as most people here--I
regularly contribute code to Thunderbird--but even I realize that there
are numerous faults in open source. Its primarily fault is poor
usability: GNOME and KDE don't feel as clean as Windows XP (although
they have many more features), and I would much rather be using Office
XP over OpenOffice based on UI (and features, if you compare anything
other than the word processor). Open source developers tend to develop
for themselves, and we all know how representative developers are of the
general userbase.
What happens if a knowledgeable Java programmer gets hold of the
result of decompiling one of your JARs?
And the point of obfuscation is to make decompiling difficult and the
result of the decompilation confusing to understand. Note that I can
write obfuscations such that decompiling the code and recompiling it
will produce different results.
Yes, experienced Java programmers will be able to sidestep obfuscation, but:
a. You need detailed knowledge of the bytecode. The casual Java
programmer won't have this.
b. It takes time. If I can get the decompiler to fail on the input, I've
just increased time to merely construct source code from a few seconds
to a few hours.
My arguments against it are manifold:
* Limited effectiveness
Obfuscation is sufficiently effective in its goal: to make decompilation
nontrivial.
* Ethical and moral objections to artificial scarcity in general
I disagree with the premise here, but it would quickly devolve to a
"yes/no/yes/no" thread, so I'll not try to dissuade you from your
beliefs here.
* It's provably unnecessary and will draw effort and resources
that might otherwise be employed in actually improving one's
product.
If I can deter you from decompiling the product, I've succeeded. And my
experience with the abilities of current obfuscators is that they
succeed in this task.
* Often, obfuscation is not done (solely) to prevent copyright
infringement anyway, but for even more evil purposes:
So you admit that there are valid reasons for obfuscating? It's like
Bittorrent: a predominant use is for illegal purposes, but it's still
acceptable since it is a linchpin in quite legal purposes (e.g.,
distribution of space telescope images).
--
Beware of bugs in the above code; I have only proved it correct, not
tried it. -- Donald E. Knuth