According to this link, "Android Police" were able to teardown the Google Play apk and clearly read the strings file. I thought there were ways to prevent this using proguard, but does it work well? I remember watching the I/O conference this year and they mentioned something about encrypting your app I believe. I haven't read anything that has cured my anxiety about sending out an app that can not be decompiled/deconstructed or anything. Can anyone with experience vouch for this (proguard and this encryption thing)?
相关问题
- How can I create this custom Bottom Navigation on
- Bottom Navigation View gets Shrink Down
- How to make that the snackbar action button be sho
- Listening to outgoing sms not working android
- How to create Circular view on android wear?
相关文章
- android开发 怎么把图片放入drawable的文件夹下
- android上如何获取/storage/emulated/下的文件列表
- androidStudio有个箭头不认识
- SQLite不能创建表
- Windows - Android SDK manager not listing any plat
- Animate Recycler View grid when number of columns
- Why is the app closing suddenly without showing an
- Android OverlayItem.setMarker(): Change the marker
Proguard obfuscates code, not resources. That said, even with obfuscation, once the app reads the string into memory, it's in cleartext. All that an attacker would need is a debugger and a breakpoint at just the right time.
ProGuard obfuscates code. It does not do anything with resource files. It does not even encrypt string constants in code.
DexGuard, a commercial offshoot of ProGuard, appears to encrypt string constants, though I see nothing about resources.
Moreover, none of this will help much. As Mr. Hewgill points out in a comment, by definition, everything has to be visible to run.