stackoom
  简体   繁体   中英

android release, protecting data resources

 原文  2014-09-23 11:05:32       android

Question

I'm releasing an android app through google play.

This is my first release & I wanted to check all security possibilities before.

My concern currently is that the app uses an api for data sourcing. currently the api address is hard coded in the source.

obviously the server which hosts the api has been secured, with the api only available on 80.

Is there any 'android conventions' to API sources, similar to how strings.xml is treated?

1 answers

solution1
 0  2016-10-12 05:29:59

You can store encrypted strings wherever you require. The logic is that in order to decrypt these strings, you'll need a key. Wherever you end up storing the key becomes the weak link in this chain. If your app is reverse engineered and someone gets a hold of the key, your strings are no longer encrypted.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Protecting extra data in Android Intent Release ImageView background resources in android Removing Android debug resources in release Protecting data sent between android device and server Android: How to release resources when the application terminates? Correct point to release OpenGLES Resources Android NDK Android doesn't release resources from services? App merge release resources error in Android Studio Android - Release resources when starting a call When to release the coroutine resources in android service?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM