Vulnerability Development mailing list archives
Re: Protecting Java Class Files...
From: spin <spin () MASSIVE CH>
Date: Wed, 11 Oct 2000 21:30:28 +0200
SMILER wrote:
My customers are running some online games that gives points to the pplayers if they win, and the points can be exchanged by prices later on. What I pretented to do is to protect their java class files as they canĀ“t be easily decompiled, and I am sure there must be some ways to do this. Any suggestions ? Smiler.
It depends on what you're trying to hide. If you're trying to conceal the way points are awarded and avoid too obvious exploitation... it's probably not a Good Idea unless the prizes aren't costing your customer any money at all. Obfuscating class files may give you some time to redesign your game architecture... but IMHO, it's not a solution. You must not trust the client... I'd suggest taking a look at this article titled "How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It" (what a title...) : http://www.gamasutra.com/features/20000724/pritchard_01.htm This article points out another thing you might need to consider: Rule #6: Any communication over an open line is vulnerable to interception, analysis, and modification. that is, even if your applet/application is completely concealed, it may be possible to cheat by analyzing the network protocol... Of course, if you only want to make it harder for ppl to modify or reuse your classes... obfuscation may be the solution. spin
Current thread:
- Re: Protecting Java Class Files... spin (Oct 11)