ProGuard

peacemaker

Expert
Licensed User
Longtime User
Anyone uses it ?

The ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer.

It's included into some latest SDK version. GUI exists.

Possible to use with b4a ?
 
Last edited:

peacemaker

Expert
Licensed User
Longtime User
Thanks, Erel.
If exists, better to support it.
 
Upvote 0

bluedude

Well-Known Member
Licensed User
Longtime User
It would be good to support this, as indicated by yourself it isn't easy to create an Eclipse project from a B4A project. So compilation with ProGuard wouldn't be easy.
 
Upvote 0

vb1992

Well-Known Member
Licensed User
Longtime User
For now you will need to do the compilation process of the generated Java files yourself if you want to use Proguard.
I plan to add support for Proguard in the future.


Is this process hard? Anyone have any instructions to give this a try.

I was reading somewhere that the max size of any app is 25mb, but
it's not ideal for people to download with 3g, and when you are in the
10MB to 25MB app size this might be too much for the built-in memory
of the phone not to mention some phones not allowing installation on
the SD cards.

I'd be interested in trying Proguard in terms of Decreasing the size of apk and for the security aspect.

 
Upvote 0

KashMalaga

Member
Licensed User
Longtime User
Got any news about this, we are waiting for a tutorial about creating b4a proyects to eclipse and ads proguard.

Or proguard support from the properly B4A will be great!

I think that is one of the best petition!
 
Upvote 0

Falco32

Member
Licensed User
Longtime User
Thx Erel!

Ok, but when i check this with a*kt**ol, the output is really easy to understand for children hackers. i will no describe here it on detaill but basic4android is now so powerful that we need more protect mechanism for the created apps.

my idea.
when i can become internal access to the signatur wich is used to create the package and i can verify internal the package signatur with the encoded signatur copy in a internal variable as sample then i can see if or if not my package modified by a third user. understanding you me ?

or is there already a way to get the infos from b4a side in my project ? The g**le**ice*se service is not full obfuscated and to easy to bypass.

next idea .

the lc.ch**li*ense is a void call without return value. isn't better to give any self declared parameter back to the user? instead of void call to check if the lc.ch**li*ense bypassed or not ?

i hope you can follow me erel,
 
Upvote 0

Falco32

Member
Licensed User
Longtime User
Okay a code sample :)

Not sure that I really follow. However I don't think that Proguard will give you better protection. Note that Proguard obfuscator doesn't obfuscate strings while this one does.


sub check_manipulate
if sys.getsignature <> decode("adgaszefgse") then ' this is what i wish
Exitapplication ' because this is not the orginal apk
else
return false
end if
end sub


sub decode(mysecretsignatur)
Dim plainsignatur
'....bla bla
' here is the code to decode my secretcopy from signatur
return plainsignatur
end sub



Erel ? Yet better ? :)
 
Upvote 0

Falco32

Member
Licensed User
Longtime User
My next idea

Dim lc as licensechecker

lc.Initialize("lc", devid, pkey2, "yeaha".GetBytes("UTF8"))
' and now my wish!
lc.setreturnparamter("mysecretparameter")

if lc.checkaccess() = "myscretparamter" then
' b4a call is not manipulated
else
' no return value
' b4a license is bypassed and not a true call
Exitapplication ' because hacked.
endif

This is only to verify that the call to your sub was not bypassed from a hacker. it has nothing to do with the result from google license server.

Ok ?
 
Upvote 0

KZero

Active Member
Licensed User
Longtime User
Hi,

any news about supporting proguard / dexguard ?

Obfuscation feature is good but not enough , DexGuard provide more security and encryption
 
Upvote 0
Top