I guess I was expecting a lower level (like binary/machine code on a pc). It appears the android "compiles/interprets" source code when apps are running. If this is so, then anyone can hack the source code of an app...correct?
I assume if I move the variables to the PROCESS_GLOBAL instead of CLASS_GLOBAL, the obfuscation will improve (from you last statement above).
Given, obfuscation won't accomplish the security of keys embedded within, what is the proper way to handle encryption keys?
e.g. Tablet encrypts data, sends to server (on pc), the server needs to be able to decrypt ... how can we share keys given the code; calculations; encryhption keys are viewable by anyone with those programs?
Thanks,
Rusty