[cap-talk] Security and Full Abstraction (was: Cap OS question)
David-Sarah Hopwood
david-sarah at jacaranda.org
Sun Sep 13 09:55:04 PDT 2009
David Wagner wrote:
> Bill Frantz wrote:
>> Some of the Java obfuscators change the byte codes to build structures that
>> can not be de-compiled back into Java (to protect the intellectual property
>> of the companies which use them, of course).
>
> Yes, that's a problem, if you want to support obfuscated byte code.
>
>> The idea that a Java(1) ->
>> byte-code(1) -> Java(2) -> byte-code(2) process would result in
>> byte-code(2) having the same meaning as the first byte-code(1) seems risky.
>
> Can you elaborate on your reasoning? Are you arguing that the
> possibility of obfuscation is relevant here? I don't quite see how?
> If (a) the bytecode->source disassembler is correct, [...]
That's not a reasonable assumption. I have never seen a correct JVM
bytecode->source disassembler. (For that matter, I've never seen a
correct disassembler for a nontrivial pair of low- and high-level
languages, period.)
Disassembly is only useful for reverse-engineering where a human programmer
can take account of any flaws in the result, not for producing output that
you can be confident will recompile and be equivalent to the original
program.
--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
More information about the cap-talk
mailing list