Microsoft's Raymond posted this little story about the security of their Benefits application back when Microsoft's email address had exclamation points.

Two of the companies I worked for had some security loopholes as well. One had an application that was used to view license files, compiled as a native app, and the original app was written in Java. Once I figured that out, I extracted the Java app from the native app, reverse engineered the application, and wrote a C# application to do the same thing!

And the other company had their one-time password to decrypt application data files within their own obfuscated Java application. Despite the obfuscator being a world-class app, as I am well versed in Java, once I figured out how the decryption process went, I was able to write an application to generate the one-time passwords for decrypting the data files.

And by now, I have a pretty solid idea how I can go about writing my own VM decompiler, despite there being several available.