-
Notifications
You must be signed in to change notification settings - Fork 6
Home
Welcome to the JVM manual, its purpose is to teach you about how the JVM executes a program and more importantly how to prevent attackers from pirating your software.
Security through obscurity is generally a flawed concept for the reason being that it heavily depends on the attacker. If the attacker is disciplined enough on a long enough timeframe they will crack it, the idea is to slow them down and annoy them through out the process as much as possible hoping they will lose interest and quit, believing it isn't worth the time.
But again that will only actually work as long as the attacker will give up.
This section is meant to tell you that you should weigh your options carefully and really think about what would make the attacker quit, sometimes depending on the person they might enjoy the challenge which is the exact opposite of what you want.
You can't make your security completely universal, there will be people who will enjoy the challenge and there will be others who won't.
In reality we don't really care since by making it hard enough we can make them spend more and more time on it which will slowly grind away their position on the whole "enjoy the challenge" thing.
There are two choices you can make, those being: annoying or time-consuming.
Your best bet is time-consuming, you hit two birds with one stone on this one, you will annoy the attacker since it will take a while to crack the software which will in turn slowly degrade their morale.
This is about if you should choose commercial protection tools or free ones.
Your answer might be commercial since usually those have the most work put into them, henceforth they are better, however, that's not always the case.
Again, weigh your options, do your research on the different techniques those tools employ and try to find the one that suits your protection style best (annoying or time-consuming).
Make sure to also research if there are any public counter-measures against them.
So if I say security through obscurity is so flawed why do it in the first place?
Well, in reality there is no other option. Security through obscurity may not protect you forever but we want it to be long enough to the point where by the time it's cracked the new version with even better protection of your software is already out and the crack was basically useless.
This wiki will tell about how the tools you may choose actually function and much more, depending on the scenario you may make your own. The wiki will guide you through how the JVM functions so you can protect your software from piracy.