Best way to protect code

I would like to protect my code. I heard ProGuard being mentioned. Could anyone please give me some more suggestions to research?

Thanks! :smiley:


To make it harder for others to decompile your code use proguard, just 1 line of code enables it. However you can still decompile it and load it into Eclipse and run it and figure it out. It just takes quite a bit more work than if you didn’t use proguard. There are programs on the web that help with this. It’s just a roadblock imho.

To make it EXTREMELY hard for others to decompile your code use NDK. It can be decompiled into machine code, but you would need an expert in byte code and assembly to reverse engineer it and would take much more work than it’s worth. You can do just about anything in NDK that your Java code does, but it takes a little while to learn (at least for moi it did :)).

Safest way of all but not very practical would be to run your code from a private server and return results to your app. (I actually do this in one of my apps)

If you’re trying to hide an http call, I don’t believe it can be hidden.

Thanks for the info! I will look into it in detail.

If you are concerned about attacks to the communication between client and server, look at HMAC (Hash-based message authentication code - Wikipedia, the free encyclopedia)

Why do you need it?
For every security option you need to think about what it is you are securing and what level of security it requires.
For example if you want to prevent people of distributing your app without banners, you should think what is the best way to do so. And how much extra work it is worth. I Can imagine it may not be worth porting your app to NDK if it requires a lot of work that will never pay off by the result. A Better solution would be to use proguard and accept the fact that there are people removing banners.
But if you would need to do banking transactions and other sensitive information you would take more effort to make it harder to crack.

So there is not one answer to the question, only an the return question of what you want to achieve.