×

Discussion Board

Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    How to make your code safe!!!

    Hello All,

    I have a doubt in my mind. Suppose I developed an application using J2ME and installed it on my Nokia phone (Just installed ). So is it possible that somebody can get my jar file/code from the device where I installed my application.


    Brian

  2. #2
    Registered User
    Join Date
    Oct 2009
    Location
    Noida
    Posts
    941

    Re: How to make your code safe!!!

    Quote Originally Posted by sprateek View Post
    Hello All,

    I have a doubt in my mind. Suppose I developed an application using J2ME and installed it on my Nokia phone (Just installed ). So is it possible that somebody can get my jar file/code from the device where I installed my application.


    Brian
    If you make your JAR file Obfascate and then install it OTA on the device it would not be easy for anyone to take out and access your code from it.
    Thanks,
    Ekta

  3. #3
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    Quote Originally Posted by ektasrv View Post
    If you make your JAR file Obfascate and then install it OTA on the device it would not be easy for anyone to take out and access your code from it.
    Thanks for your reply, I have made my code obfascate but still my code contains some data which can not be change like server IP Adress, Port No, Application ID ..... can you tell me a better way to make this data abstract and safe ....... What do you mean by OTA ???

    Brian

  4. #4
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: How to make your code safe!!!

    Realistically, there is nothing you can do to stop this.

    Once the JAR is on the device, in many cases it will be difficult to get the JAR off it again. Many devices don't allow access to that part of the file system.

    However, some devices do allow such access, or can be persuaded to allow access if you know how. Or, the JAR can just be intercepted before it gets to the phone (by downloading it with a web browser to a desktop pc, for example).

    Graham.

  5. #5
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    grahamhughes Thanks.

    I am myself installing the application to the clients mobilephones. So there would be no access to JAR to intercept. PLease let me know I amdoing it correctly?

  6. #6
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: How to make your code safe!!!

    How will you install it?

    Do you know what kind of devices?

    Getting the app off the phone... I would never say it is impossible, but on most new handsets it is probably difficult enough to stop most people.

  7. #7
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    Graham,

    I am installing but simple mobile phone installer using PC Suite. And the handset I am using is Nokia E63 and Nokia 5233. I just want to ensure that no body can get my code from a installed application...

  8. #8
    Registered User
    Join Date
    Oct 2009
    Location
    Noida
    Posts
    941

    Re: How to make your code safe!!!

    Quote Originally Posted by sprateek View Post
    Thanks for your reply, I have made my code obfascate but still my code contains some data which can not be change like server IP Adress, Port No, Application ID ..... can you tell me a better way to make this data abstract and safe ....... What do you mean by OTA ???

    Brian
    You can encript all such data items and keep them in resource files with your own decripting algo embeded in the code.
    OTA stands for Over the Air - instalation of the app on the device, and on your OTA server you can put some authenticate in place such that the app is delivered only to a mobile phone with valid MSISDN.

    Even if someone gets access to the obfascated JAR file, its very difficults to decomplie and get some usefull code out of it.
    Thanks,
    Ekta

  9. #9
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    is it possible to get MSISDN using a j2me application ....???

  10. #10
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: How to make your code safe!!!

    Quote Originally Posted by sprateek View Post
    I am installing but simple mobile phone installer using PC Suite. And the handset I am using is Nokia E63 and Nokia 5233. I just want to ensure that no body can get my code from a installed application...
    I think you'll be fairly safe. There is no 100% safe.

    Quote Originally Posted by ektasrv View Post
    You can encript all such data items and keep them in resource files with your own decripting algo embeded in the code.
    If you can access the code, acquiring the decryption algorithm would be fairly simple.

    Quote Originally Posted by ektasrv View Post
    you can put some authenticate in place such that the app is delivered only to a mobile phone with valid MSISDN.
    Few networks (not one in Europe, for example) will send the device's MSISDN in an HTTP request.

    Quote Originally Posted by ektasrv View Post
    Even if someone gets access to the obfascated JAR file, its very difficults to decomplie and get some usefull code out of it.
    I would recommend obfuscating the code, but mainly for size reduction. Realistically, it is not a good way to protect your code, as it is still quite easy to reverse engineer, to modify, or simply to copy.

    Graham.

  11. #11
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: How to make your code safe!!!

    Quote Originally Posted by sprateek View Post
    is it possible to get MSISDN using a j2me application ....???
    No, I'm afraid it is not.

  12. #12
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    so the moral of the story is J2ME code is not safe anybody can steal your code.... Graham do you not think that itz a big big disadvantage of j2me.

    Couls you please suggest me something for it?

  13. #13
    Registered User
    Join Date
    Oct 2009
    Location
    Noida
    Posts
    941

    Re: How to make your code safe!!!

    No direct method to get MSISDN on all J2me devices, you can put in workarounds like - making an application Activation process in your application where you ask the end user to enter his/her mobile# and then send a port direct SMS with random string to this no... and wait for the SMS to hit it back.... if you get back the same random string you get the MSISDN and activate the app... that is allow the user go to the main menu and use it.

    If you are launching your application thu operator's network/deck, then you can get the MSISDN from the request headers of the - download request which will hit your OTA server thu operators WAP gateway.
    Thanks,
    Ekta

  14. #14
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: How to make your code safe!!!

    In general, since you control the installation, it will be very hard for anyone to get the app off the phone, so I think you're pretty safe.

    Beyond that, no development platform is immune from piracy or reverse engineering. The byte-code nature of Java makes reverse engineering easier, and this is true also of .Net. Mobile apps are usually easy to reverse engineer, simply because they tend to be quite small. Conversely, mobile phone OS's tend to restrict what users can do, which can make you safer.

    Graham.

  15. #15
    Registered User
    Join Date
    Dec 2008
    Posts
    42

    Re: How to make your code safe!!!

    Thanks Graham ... you were really really helpful!!!

Similar Threads

  1. How to make thread safe when access file?
    By JohnsonZ in forum Symbian
    Replies: 3
    Last Post: 2008-03-08, 01:22
  2. How can I make an emergency call by code?
    By asingoro in forum Symbian
    Replies: 5
    Last Post: 2007-07-05, 03:45
  3. How to make java code illegible?
    By iron_man in forum Mobile Java Games
    Replies: 8
    Last Post: 2007-05-23, 20:24
  4. Code For Ver and Make of Instru Needed
    By er_ashwini in forum General Development Questions
    Replies: 1
    Last Post: 2007-02-24, 01:09
  5. C-code..unable to make sis
    By Symbian_Neil in forum Symbian
    Replies: 9
    Last Post: 2006-12-02, 07:55

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×