Security Basics mailing list archives

Internal attacks on web application


From: krisleech () interkonect com
Date: 8 Jun 2006 16:33:07 -0000

We are moving some of our products from traditional client/server to web-based applications. The problem is that all languages aimed at building web apps are JIT compiled (interpreted); therefore you have to distribute source code or bytecode. Bytecode is easily reversed to code.
This leaves us with a problem: the application and data are open to internal attack. Firstly, code can be injected (very easily in languages like Ruby), and encryption keys can be read, as well as database passwords.
We have looked at Java, .NET and Ruby; all have the same problem: they cannot be compiled to native code.

Any suggestions would be very helpful.
Kris.

