IWSS - Java developer's nightmare
InterScan Web Security Suite, abbreviated IWSS, it is said to be a comprehensive solution tailored for large corporate deployment. Product of Trend Micro, IWSS scans every HTTP access from a corporate's intranet onto the great internet. Unfortunately, it assumes that every .jar file accessed by a corporate's intranet is a java applet, therefore it naively apply bytecode manipulation on it, making a dialog box pops up every time the class in the jar file access something in the host OS. Like accessing a file in Eclipse's plug-ins folder. Like accessing a file in the Local Settings folder. Why does it have to be like this? When does an antivirus company, allowed to do manipulations that in the past only done by virus? Let me explain. A jar file is an JVM executable. I downloaded tens if not over a hundred jar files from the internet, because Eclipse's update mechanism is just like that- by downloading jar files from the Internet. IWSS tampered with them, modified them.. i