At 05:17 AM 04/05/2002, steven.sporenat_private wrote: >Hi, > >I was wondering what people's thoughts are regarding the security of code >written in JAVA, I recently reverse engineered a product with a freely >available JAVA decoder and found that it produced code with variable names >imports etc, making it very easy to find out how it hung together. Could >this be construed as a security flaw with JAVA? I wouldn't call it a flaw, but its definitively a deterrent to using JAVA in certain situations. Your comments are the *exact* reason why I use c/c++ instead of JAVA for certain applications. Of course I understand that binary executables compiled from c/c++ can be disassembled and reverse engineered too. But it is orders of magnitude more difficult to do, and there's far less people capable of doing such a thing. James Washer said... >> security-through-obscurity The choice to use c/c++ instead of JAVA is in deed an choice to ADD obscurity on top of real security. Obscurity can be a good thing so long as it's not the ONLY thing your security relies on. - hawk
This archive was generated by hypermail 2b30 : Sun Apr 07 2002 - 11:54:32 PDT