I am developing a project game J2ME client-server . The project has finished last week and my team is preparing for publish this game for commerce, but some reasons I don't know, source code of client is stolen ... now I am worrying about that someone modify code of client to hack my server. In one week, I think many ways to prevent the problem... I don't have many experience in security of MIDlet, so I am not sure my way is reality. My idea is from certificate client, it mean when someone modifies code client and builds the new client, the size of some files *.class will be different from original file. When client login server, client will send size of each of file *.class to server, and server will compare one by one with size of original file. If has difference, the client will be not allow to login. I also think about other way, we will embed into MIDlet of client a file to create signature for midlet, of source, we make sure someone cannot export or read this signature to embed it into new client of them, and when client login server, it will send this signature to server to certificate...
I hope can find the way to protect my client from hacking, if not all effort of my team in 3 months for this game will be lost... welcome all suggestion or experience about this problem ... thanks everyone.
How do you know the source code of the server isn't stolen?
You should have thought of all this up front. You are going to have to change your protocols and introduce some security such as a registration key into your system.