What is Obfuscation?
Obfuscation is the technology of shrouding the facts. It’s not encryption, but in the context of Java code, it’s better. Early in Java’s life, several companies produced encrypting class loaders to fully encrypt Java classes. Decryption was done just-in-time prior to execution. Although this made classes completely unreadable, this methodology suffered from a classic encryption flaw: it needed to keep the decryption-key with the encrypted data. Therefore, an automated utility could be created to decrypt the code and put it out to disk. However, once that happens the fully unencrypted, unobfuscated code is in plain view. As another comparison, we could compare encryption to locking a six item meal into a lockbox. Only the intended diner (i.e. the VM) has the key and we don’t want anyone else to know what he or she is going to eat. Unfortunately, if someone can pick the lock (or find the key hidden on the bottom of the box), the food is in plain view. Obfuscation works more like putting
An obfuscation tool alters an executable to conceal information and confound analysis. In other words, it alters an executable in a way that resists decompilation efforts without altering computing processes. Java and .NET obfuscation tools scramble code to deliver full value to the customer (JVM or CLR) without revealing details of internal processes. Obfuscation tools remove context from compiled code that humans (and reverse-engineering tools) would use to decipher the code’s meaning. The objective [of obfuscation] is to remove context from an application while preserving its execution integrity. Without argument, obfuscation (or even encryption) is not 100 percent protection. Even compiled C++ is disassembleable. If a hacker is perseverant enough, they can find the meaning of your code. The goal of obfuscation is to make the reverse engineering process extremely time consuming and painful so that it’s not worth the effort, stopping all casual hackers and as many serious hackers as
An obfuscation tool alters an executable to conceal information and confound analysis. In other words, it alters an executable in a way that resists decompilation efforts without altering computing processes. .NET obfuscation tools scramble code to deliver full value to the customer (CLR) without revealing details of internal processes. Obfuscation tools remove context from compiled code that humans (and reverse-engineering tools) would use to decipher the code’s meaning. The objective [of obfuscation] is to remove context from an application while preserving its execution integrity. Without argument, obfuscation (or even encryption) is not 100 percent protection. Even compiled C++ is disassembleable. If a hacker is perseverant enough, they can find the meaning of your code. The goal of obfuscation is to make the reverse engineering process extremely time consuming and painful so that it’s not worth the effort, stopping all casual hackers and as many serious hackers as possible. Preemp
