stackoom
  简体   繁体   中英

Protect Android App against Network Sniffing

 原文  2016-11-12 07:53:59       java/ android/ asp.net/ ssl/ retrofit

Question

I'm using Retrofit for making get/post requests to my app's web api.

I installed ssl on my server , so i can successfully connect my web api via https.

(Note : the ssl certificate is not self-signed.)

The weird thing is , you can capture get/post or other requests with this app : https://play.google.com/store/apps/details?id=app.greyshirts.sslcapture

Also if you use http or https it does not matters.The "Packet Capture" app can capture all web request...

(You must install Packet Capture app's certificate on your device to work)

The question is ,

I want to protect my app against network sniffing , how can i do that ?

I'm using asp.net / iis 8 for web api if it matters

1 answers

solution1
 2  2016-11-12 09:06:42

If you want your network traffic to be unreadable to others regardless of where they can look, you must encrypt and decrypt everything yourself in your own code and not rely on anything the operating system provides. Use a suitably strong encryption scheme.

This is only open to you because you control both the server and the client.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How does SSL protect the data against sniffing? Sniffing network traffic in java How to protect against Flooding Prevent or Protect Against Reflection Android: Protect app folder from deletion Protect an Android app using hash of signature Does JDBC do anything to protect my password and username from sniffing? Itext protect pdf against modification Android Studio LoginActivity with MySQL - attempt authentication against a network service Network utility design in Android app
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM