Question about Logs

[susu]

Hi,

I'm writing an app that connect to a link on my private website. I want to keep it secret so I encrypt it in a file (I use Write/ReadEncryptedObject). When my app running it will decrypt the link and do its work. But I still see the secret link in Logs! Is it safe? Does anybody can see this link when they run my app on their device that connected to debug/logcat?

:sign0085:

 

[mc73]

I think yes. then it's a matter of the level of the user. a very advanced can even reverse engineer your app, can't he? still, I don't think that the average user will start reading the bunch of streams of logcat.

 

[warwound]

There's plenty of Log viewer type apps on Play Store so yes your app users can see what is being output in the Log.

Are the Log entries being created by your B4A code or by the Android OS - presumably they are being created by the OS so you cannot suppress them?

If they are being created by the OS then can you post again letting us know which objects or libraries are producing the entries - ie is the HttpClient logging the URL?

Martin.

 

[susu]

I'm not sure it created by B4A or Android OS. I just install a log viewer from the market and yes, it shows my secret link just like Logs of B4A IDE. So I can't hide it anyway?

 

[warwound]

What i meant was, are you for example using an HttpClient to connect to your website and the HttpClient by default logs any URLs that it connects to?

Post with some code that shows how you're connecting to your website and we then know what object is creating the log entries - from there we can search to see if that object has methods to disable the logging.

Martin.