Obfuscation Best Practices

Obfuscators protect against decompilation in a number of ways. They don’t stop decompilers or dex2jar from reverse engineering the code, but they do make the decompiled code harder to understand. At their simplest, they convert all the variables and method names and strings in an APK into one- or two-character strings. This takes a lot of the meaning out of the Java source and makes it more difficult, for example, to find an API key or where you’re storing the user’s login information. Good obfuscators will also change the flow of the code and, in many cases, hide a lot of the business logic. This won’t stop a determined hacker from understanding what you’re doing in your code, but it will make it significantly harder. ...
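Whether a release build actually received this renaming can be checked before it ships. The sketch below is an added example, not part of the original text; the `package.Class$Inner#member` input format, the sample symbol lists and the framework-name allowlist are assumptions constructed for illustration, and it assumes the obfuscator keeps classes under the app's own package.

```python
# Names the JVM or Android framework looks up by name, so an obfuscator
# must leave them alone (constructed, non-exhaustive list).
FRAMEWORK_NAMES = {"<init>", "<clinit>", "onCreate", "onResume", "onPause",
                   "toString", "equals", "hashCode"}

def is_renamed(identifier, max_len=2):
    """One- or two-character names are what basic renaming produces."""
    return len(identifier) <= max_len

def obfuscation_report(symbols, app_prefix):
    """Count renamed vs. still-readable identifiers under app_prefix."""
    items = set()  # (qualified name, bare identifier) pairs, de-duplicated
    for symbol in symbols:
        cls, _, member = symbol.partition("#")
        if not cls.startswith(app_prefix + "."):
            continue  # third-party library code is not what we are auditing
        pkg, _, simple = cls.rpartition(".")
        parts = simple.split("$")  # outer class, then any inner classes
        for i, part in enumerate(parts):
            items.add((pkg + "." + "$".join(parts[:i + 1]), part))
        if member and member not in FRAMEWORK_NAMES:
            items.add((symbol, member))
    readable = sorted(q for q, name in items if not is_renamed(name))
    total = len(items)
    renamed = total - len(readable)
    return {"total": total, "renamed": renamed,
            "ratio": renamed / total if total else 0.0,
            "readable": readable}

# Constructed symbol lists, as a decompiler listing might be flattened.
SAMPLE_RELEASE = [
    "com.example.shop.a#a",
    "com.example.shop.a#b",
    "com.example.shop.b$a#c",
    "com.example.shop.MainActivity#onCreate",  # kept: named in the manifest
    "com.example.shop.MainActivity#a",
    "androidx.core.app.ActivityCompat#requestPermissions",
]
SAMPLE_DEBUG = [
    "com.example.shop.LoginManager#storeCredentials",
    "com.example.shop.ApiClient#getApiKey",
    "com.example.shop.MainActivity#onCreate",
]

if __name__ == "__main__":
    for label, syms in (("release", SAMPLE_RELEASE), ("debug", SAMPLE_DEBUG)):
        print(label, obfuscation_report(syms, "com.example.shop"))
```

Every entry in `readable` should be a name that was kept on purpose; a name such as `LoginManager` or `getApiKey` surviving in a release build points at an obfuscation step that did not run or a keep rule that is too broad.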

Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.
