Android Question Secure connection to servers and hosts

Hello,
How did Telegram, WhatsApp, YouTube, etc. establish their security?
A hacker can decompile my program and gain access to my links or IP server and abuse it.
For example, send thousands of requests to my server and host in a row. Or enter my api link in the browser and see or change user information. Even if I encrypt them, they can still decrypt the received information or encrypt the information and send it to my server and host. (Using the string of cryptographic keys obtained in my application via decompile)
I do not think I can find a solution, or if I do, the hacker can still get around it.
This issue has been on my mind for a long time!
How do I solve this problem?

I know this section is for Android but I might buy the b4i next month. Is there a similar problem for iOS apps? Is the solution method the same or different from the Android solution method?
 

Erel

B4X founder
Staff member
Licensed User
Longtime User
Any server that accepts clients should assume that hackers will try to gain access. There is no way around it. Anyone can install a network sniffer and read all the network traffic, between their device and the server.
It doesn't matter whether your app runs on Android, iOS or the freezer.

Or enter my api link in the browser and see or change user information.
You need to use some kind of authentication, including server side verification. You can build a system yourself or use FirebaseAuth + [server] FirebaseServer - backend verification for signed in users
 
Upvote 0
Any server that accepts clients should assume that hackers will try to gain access. There is no way around it. Anyone can install a network sniffer and read all the network traffic, between their device and the server.
It doesn't matter whether your app runs on Android, iOS or the freezer.


You need to use some kind of authentication, including server side verification. You can build a system yourself or use FirebaseAuth + [server] FirebaseServer - backend verification for signed in users
Dear Earl, thank you for your response.
This is exactly what I want. Users can only access and edit their own content through the mobile app.
Is there a tutorial on creating a secure authentication system like Firebase in the community? Make your own video about user authentication and security.
 
Upvote 0
Top