Effective Obfuscation: Techniques to empower Java code safety
https://www.fromdev.com/2008/08/effective-obfuscation-techniques-to.html
Why do you need Obfuscation ?
Do you lock your home door every night? You may know that a locked door will not stop an skilled thief for more than a few minutes.
If you add another lock then you can slow him down another minute or two. Reality is, no matter how many locks you use on your doors, a determined and skilled thief is going to get inside your house.
So why do you lock your doors at all? It is obvious that you have accepted the fact that a determined thief can get in, but the harder you can make it for him, the better it is. In fact, if it's too much of a pain, he may try somewhere else. In addition, by locking your door you keep out the other 99 percent of the people.
If you add another lock then you can slow him down another minute or two. Reality is, no matter how many locks you use on your doors, a determined and skilled thief is going to get inside your house.
So why do you lock your doors at all? It is obvious that you have accepted the fact that a determined thief can get in, but the harder you can make it for him, the better it is. In fact, if it's too much of a pain, he may try somewhere else. In addition, by locking your door you keep out the other 99 percent of the people.
Wikipedia definition
Obfuscation is the concealment of meaning in communication, making it confusing and harder to interpret.
Obfuscating code to prevent reverse engineering is typically done to manage risks that stem from unauthorized access to source code.
These risks include loss of intellectual property, ease of probing for application vulnerabilities and loss of revenue that can result when applications are reverse engineered, modified to circumvent metering or usage control and then recompiled.
Protecting Java from reverse engineering works the same way. Java is too easy to effectively reverse engineer due to its byte code (.class file). Any decompiler across the street can regenerate very clear Java code for a class file.
A vast variety of tools exists to perform or assist with code obfuscation. These include experimental research tools created by academics, commercial products written by professionals, and Open-source software.
Few well known obfuscators are
Proguard: (http://proguard.sourceforge.net/)
Allatori Java Obfuscator: (http://www.allatori.com/)
Few well known decompilers are
JAD: http://www.kpdus.com/jad.html
DJ : http://www.download.com/DJ-Java-Decompiler/3000-2417_4-10046809.html
Eclipse Plugin Jadclipse : http://jadclipse.sourceforge.net/download.html
Obfuscators have evolved as full static analyzers of Java applications as far as those applications can be statically analyzed. Because of this, additional features such as code pruning, size reduction, optimization, and watermarking have become natural extensions to obfuscation systems.
Obfuscation can be made even more powerful by using some of the techniques listed below
Having Small Interface for System
Small interface helps obfuscator to obfuscate maximum classes, this makes sure you have few entry points to the system. If you are designing a framework then make sure only required things are exposed as interfaces.While using obfuscator you can chose to not change the interface so that it behaves as expected, but your core implementation classes remain obfuscated.