Gayathri,
Obfuscation could potentially help this. If your application checked for
the signature when running that would help as well. However, the bottom
line is that the user could decompile your code and change it and resell it.
There is no way to prevent this, but depending on your license agreement it
may be illegal to do so.
Zack
> -----Original Message-----
> From: Gayathri Viswanathan [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 19, 2000 2:06 PM
> To: 'Zack Grossbart'; Gayathri Viswanathan;
> [EMAIL PROTECTED]
> Subject: RE: Java security question
>
>
> Zack,
>
> I have already signed my Java applet with a certificate from Thawte. But I
> thought that
> this means that Thawte certifies that noone has changed the jar file. But
> what if after
> accepting the certificate, some malicious user wishes to change
> the contents
> of the jar file
> by say changing some image files (used for displaying logo) and
> then signing
> it again and then
> selling it ? Would obfuscation help in this ? Can obfuscation be used on
> applets ?
> Is there any other alternative ?
>
> Thanks.
>
> -- Gayathri
>
> -----Original Message-----
> From: Zack Grossbart [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 19, 2000 1:30 PM
> To: Gayathri Viswanathan; [EMAIL PROTECTED]
> Subject: RE: Java security question
>
>
> Gayathri,
>
> Obfuscation would help prevent someone from decompiling and
> understanding
> your code, but not from changing it. You should sign your JAR
> file. Tools
> like Visual Cafe have this capability built in, or you can write a small
> utility to do it yourself using the javax.cript package. If you
> look on the
> JavaSoft site you can get more data about signing JARs.
>
> Zack
>
>
> > -----Original Message-----
> > From: Gayathri Viswanathan [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, April 19, 2000 12:41 PM
> > To: [EMAIL PROTECTED]
> > Subject: Java security question
> >
> >
> > Hi !
> >
> > I have written a Java applet and we wish to make it into a
> product. I have
> > the applet setup so that all the
> > resources that it needs are within a jar file. How can I make sure that
> > other people to whom we may sell the
> > software will not be able to disassemble the code or change some of the
> > image files or property files ?
> > Is obfuscation the way to go ? Can anyone help me ?
> >
> > Thanks a lot.
> >
> > -- Gayathri
> >
> >
> > ----------------------------------------------------------------------
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> >
----------------------------------------------------------------------
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
