The ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer.
It's included into some latest SDK version. GUI exists.
For now you will need to do the compilation process of the generated Java files yourself if you want to use Proguard.
I plan to add support for Proguard in the future.
It would be good to support this, as indicated by yourself it isn't easy to create an Eclipse project from a B4A project. So compilation with ProGuard wouldn't be easy.
For now you will need to do the compilation process of the generated Java files yourself if you want to use Proguard.
I plan to add support for Proguard in the future.
Is this process hard? Anyone have any instructions to give this a try.
I was reading somewhere that the max size of any app is 25mb, but
it's not ideal for people to download with 3g, and when you are in the
10MB to 25MB app size this might be too much for the built-in memory
of the phone not to mention some phones not allowing installation on
the SD cards.
I'd be interested in trying Proguard in terms of Decreasing the size of apk and for the security aspect.
The APK file is made of code and other resources like images and other files.
Proguard can decrease the code size.
For large applications the code size is less than 1mb.
Ok, but when i check this with a*kt**ol, the output is really easy to understand for children hackers. i will no describe here it on detaill but basic4android is now so powerful that we need more protect mechanism for the created apps.
my idea.
when i can become internal access to the signatur wich is used to create the package and i can verify internal the package signatur with the encoded signatur copy in a internal variable as sample then i can see if or if not my package modified by a third user. understanding you me ?
or is there already a way to get the infos from b4a side in my project ? The g**le**ice*se service is not full obfuscated and to easy to bypass.
next idea .
the lc.ch**li*ense is a void call without return value. isn't better to give any self declared parameter back to the user? instead of void call to check if the lc.ch**li*ense bypassed or not ?
Not sure that I really follow. However I don't think that Proguard will give you better protection. Note that Proguard obfuscator doesn't obfuscate strings while this one does.
Not sure that I really follow. However I don't think that Proguard will give you better protection. Note that Proguard obfuscator doesn't obfuscate strings while this one does.
sub check_manipulate
if sys.getsignature <> decode("adgaszefgse") then ' this is what i wish
Exitapplication ' because this is not the orginal apk
else
return false
end if
end sub
sub decode(mysecretsignatur)
Dim plainsignatur
'....bla bla
' here is the code to decode my secretcopy from signatur
return plainsignatur
end sub
lc.Initialize("lc", devid, pkey2, "yeaha".GetBytes("UTF8"))
' and now my wish!
lc.setreturnparamter("mysecretparameter")
if lc.checkaccess() = "myscretparamter" then
' b4a call is not manipulated
else
' no return value
' b4a license is bypassed and not a true call
Exitapplication ' because hacked.
endif
This is only to verify that the call to your sub was not bypassed from a hacker. it has nothing to do with the result from google license server.