A major roadblock to using any of the server-side scripting architectures for
developing commercial software is the fact that (traditionally) the source
code must be delivered to customers when deploying applications.
Java source code is compiled into an intermediate code called bytecode, and
the Java Virtual Machine (JVM) interprets this bytecode directly. It's the
bytecode that makes Java class files completely platform-independent. Not
only is the bytecode easy to decompile, but the descriptive variable names
are included in it (and thus in the decompiled source code), making it much
easier to understand the decompiled source code. This presents another
formidable roadblock to deploying commercial Java-based software.
This article outlines a technique to protect JSP-based applications in such a
way that they can be deployed to customers without giving away source c... (more)
For those of you not too familiar with the UNIX way of life, here's a brief
overview. There are really two categories of accounts under UNIX: the
superuser (named root) and everything else. Being root on a UNIX machine
gives you the keys to the kingdom. You can remove files created by any other
user, for instance. You can stop running processes started by root or any
other user. A UNIX system can be entirely compromised if an unauthorized
person or process gains root access.
One of the more common ways to do this is to exploit bugs in server processes
that are running as the sup... (more)
Micah Silverman has been working in software development and computer security since the 1980s. He has been developing Java applications since the
Scott Sellers
Anthony Franco
Daniel Morris
Wayne Walls
Niki Acosta
Jereme Hancock
Oren Michels
Marvin Wheeler
Douglas Kim
