Q: If I encrypt my .class files and use a custom classloader to load and decrypt them on the fly, will this prevent decompilation? A: The problem of preventing Java byte-code decompilation is ...

One proposal would restrict Java APIs to maintain the strong encapsulation that assures the integrity of code and data, while a second would introduce a Key Encapsulation Mechanism API.

When building secure Java applications, it's important to make sure there are no plain text passwords anywhere in the code base.

Although Evernote does not believe the attackers used a critical hole in Java to gain access, there is a new Java zero-day successfully being exploited in the wild.