I have a number of shaders in my games and apps, I currently use a simple program I made to take the shaders and generate a java class which puts the text into a StringBuilder, one char at a time, so text searching won't find anything if someone reverse enginneers.
It feels wrong, but it does the job of getting them out of immediate sight, but I'm under no illusion that they are very safe.
I've seen a question on pre-compiling, with no answers. What else can be done?
The best solution I have seen so far, considering the fact that the Shaders are usually very small programs, is to embed them in your code in the way you just said you do.
This is quite safe.
Consider that, if someone wants to take your shaders, will do it by dumping it from the GPU, obviously it is way far more complicated but it can be done (talking about reverse engineering).
Encryption is an option but it does protect only the local storage of the shaders, I can still dump the memory of your program just after the decryption.
Last but not least, it is not convenient to pre-compile your shaders in general and it is even more true considering the platform you are working on where there is a wide family of GPUS and Drivers implementations.
Going back to your other question about pre-compiled shaders, there is a very good explanation at page 350 of the OpenGL Gold Book (OpenGL ES 2.0 Programming guide) where it is explained why you should not do it.
One of the reasons is that device vendors are free to store binary shaders in the way they prefer.
I hope it was helpful.
Blockquote