- Use the proper block cipher mode.
  Or else the information about the plain text still ends up revealing as a pattern without the attacker knowing the key.
- No need to hide SLAVE_SECRET from the encrypted payload.
  jnlpMac is needed to decrypt this payload to begin with, so there's no point in hiding it. This simplifies the code a little bit.
- Using a newer slave installer that uses the -secret option