Android Question Mysql Security

[Douglas Farias]

hi i make a app with a register in the db mysql remote
ok it is working, i put a key too
i seted a receive php file to receive query + my key

if key ok then execute my query in the mysql remote

but my question is my key in app is in MD5 1024

is safe make this key on app?

any user can extract my app or pick this key with hex editor or olydbg?

have a way to protect much this key on my app?

with this key user can make sql injection in my db *-*

 

[Erel]

It should be quite simple to see this key. Anyone can trace the network activity and get the key from the network stream. Unless you are using SSL.

A better solution is to avoid sending the queries. You can do it with RDC or with a custom PHP script.