0

I wrote a method to disassemble my SQLite data in my Android app. And another method that corrects data.

It makes me wonder: Can users also access my code easily and figure out what methods it uses and thereby steal my database?

Assuming they can, what's an effective way of securing or obfuscating my source code?

Mogsdad
  • 44,709
  • 21
  • 151
  • 275
tara1367
  • 7
  • 7

1 Answers1

2

There are two separate issues here, code security and database security.

For all of your applications you will probably want to use ProGaurd in order to obfuscate your code so that others cannot view its original form. If someone attempts to decompile your APK then the result will be a bunch of gibberish that cannot be understood. ProGuard is relatively simple to setup especially with Android Studio. For Eclipse users look at this question.

Anyone with a rooted Android phone can browse through the file system and copy your database, then open it up and view all of the data. In order to avoid this you will want to encrypt your db. Check out this question for a place to start off with database encryption.

Community
  • 1
  • 1
Andrea Thacker
  • 3,440
  • 1
  • 25
  • 37
  • Thanks, but first of all I use eclipse. So can I use ProGaurd in eclipse? I don't know what is it and how works!! If I protect my code, database will be protected too, because my db 's data is disassemble, so nobody can understand what's are! Can you suggest me best and easy way for protect and secure source code? – tara1367 Mar 11 '15 at 08:37
  • 1
    I've updated my answer to include this link for Eclipse users http://stackoverflow.com/questions/4732656/enabling-proguard-in-eclipse-for-android. I highly recommend swapping over to Android Studio as soon as possible though – Andrea Thacker Sep 01 '15 at 17:41