Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: HTML/Java Protection

from [Yousef Syed] Network Security [Permanent Link]
Subject: Re: HTML/Java Protection
Date: Tue, 20 Sep 2005 20:41:50 +0100 
If you are really concerned, you're better designing your Applet to
call code on the Server, or see if you can use a standard JSP/Servlet
solution. That will allow you keep your security related code private,
while leaving a publically accessible interface.
As others have stated, obfuscation can be circumvented; therefore
leave a minimal amount of security related code on your applet.

ys

On 20/09/05, Antoine Martin <antoine@nagafix.co.uk> wrote:

By definition the applet code runs on the client, so you simply cannot
stop people from downloading it!
Any kind of obfuscation/protection is doomed. If you can run it, you can
trace it and decompile it.

Antoine

On Mon, 2005-09-19 at 17:01 +0000, confusionvalley@netcabo.pt wrote:

Hello all,

I'm currently developing a Java applet and i want to protect the .class 
from being downloaded.
It's very easy to download the .class file..just check the HTML code and 
get the class name wich will be loaded..then with a download program you 
can get the class file and decompile it to get the source code.
The real objective is to protect the source code from the html and not so 
grabbers.
Any idea to protect the html/java?

Best regards,
  Nuno






-- 
Yousef Syed
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, mike03051
Next by Date:  Re: NTLM and man-in-the-middle proxies not working, Michael Eddington
Previous by Thread:  Re: HTML/Java Protection, Antoine Martin
Next by Thread:  Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, Amir Herzberg
Indexes:  [Date] [Thread] [Top] [All Lists]