I am a software developer with very limited experience in Android development. I am considering writing a very simple app to do a simple calculation, but the formula for the calculation is proprietary. Am I correct in assuming that something like Apktool would be able to decompile my apk, thus exposing the formula to prying eyes? If so, is there a way to prevent this?
Thanks!
thesomnambulist said:
I am a software developer with very limited experience in Android development. I am considering writing a very simple app to do a simple calculation, but the formula for the calculation is proprietary. Am I correct in assuming that something like Apktool would be able to decompile my apk, thus exposing the formula to prying eyes? If so, is there a way to prevent this?
Thanks!
Click to expand...
Click to collapse
An apk is pretty much the same as a zip file so anything like 7zip can extract it . as for apktool ,yes it can decompile your apk and enable others to edit/get codes from your app .but whats really happening with apktool is reverse engineering reverse engineering won't give you code as it was written by the original developer.so your formula "appears" to be safe. Know that there isn't a complete way of preventing reverse engineering.
Note:
Whatever you do to your code, a potential attacker is able to change it in any way she or he finds it feasible. You basically can't protect your application from being modified. And any protection you put in there can be disabled/removed by a determined hacker. The best you do is obfuscation(provided its a java code) or make use of progaurd or something like that.
[email protected] said:
An apk is pretty much the same as a zip file so anything like 7zip can extract it . as for apktool ,yes it can decompile your apk and enable others to edit/get codes from your app .but whats really happening with apktool is reverse engineering reverse engineering won't give you code as it was written by the original developer.so your formula "appears" to be safe. Know that there isn't a complete way of preventing reverse engineering.
Note:
Whatever you do to your code, a potential attacker is able to change it in any way she or he finds it feasible. You basically can't protect your application from being modified. And any protection you put in there can be disabled/removed by a determined hacker. The best you do is obfuscation(provided its a java code) or make use of progaurd or something like that.
Click to expand...
Click to collapse
Thanks for the response! I recognize that nothing is entirely secure, but my hope if I tackle this project is to make it more of a hassle to get into than it would be worth. Pointing me in the direction of obfuscators is a huge help. That gives me something specific to research, and may be the solution I'm looking for.
thesomnambulist said:
Thanks for the response! I recognize that nothing is entirely secure, but my hope if I tackle this project is to make it more of a hassle to get into than it would be worth. Pointing me in the direction of obfuscators is a huge help. That gives me something specific to research, and may be the solution I'm looking for.
Click to expand...
Click to collapse
Well good luck :good:
Related
I am an amateur programmer looking for a painless way to tweak a few programs on the g1. Is there an easy way to modify code in an existing application, and then run the modified app from memory card? What's the fastest way to get started?
I would like to avoid freeing the system if possible because I am awaiting the RC31 OTA push, and don't have enough faith in my own hacking to reverse the process. So ideally, I'd like to modify the apk from my computer, and run it from the sandisk.
The feasability depends on what you define "tweaks" as and whether the source of the app is available. If you want to change the functionality of an app, without the source code it might be pretty difficult, as you'll have to figure out a way to decompile the .dex file.
really, I want to write my own application. But my math skills are much better than my programming skills. There is an app on the android market that does what I want to do, but I believe I can do it more efficiently with a good algorithm. I just don't know what all the handles are for the g1, like how to access the accelerometer readout. Again, huge amateur, but I know the basics of java and C++. If I can see the code, I'll be able to go from there...
Math skills are programming skills That's why you can't get a CS degree without taking atleast one algorithms course!
Anyway, If you have some basic experience working with Java then you are like 75% of the way there. Android SDK is pretty much built entirely around Java with added interprocess communication special sauce. Download the sdk and check out the Hello World and Sample Projects.
If you just wanted to plug a better method into a poorly designed one in an existing program, i'm afraid I can't be of help. Googling "dalvik dx decompile" resulted in this. But I don't think an "assembly-like" format is very useful for Java programmers
Do you guys think that a geo-encryption app would be possible on Android?
I am talking about creating a simple app that encrypts data based on your location.
I am thinking about doing this as my University project, I have some java knowledge but its basic so Im wondering if I am biting off more then I can chew with this idea.
no one that can help?
What do you mean by geo-encryption? I can't figure out what it is you intend to do?
Geo-encryption
You might want to check out the white paper at the geocodex website. Its url is the traditional www dot geocodex dot com. (As a new registrant, I can't type in the link myself.)
We haven't looked at Android but we do have a geo-encryption application up and running in the Windoes Mobile environment.
Mark
@Gene Poole
geo-encryption is when data is encrypted or decrypted based on your location using GPS.
@markseiler
thanks I will check that out.
In your opinion, is it possible to do this by 1 person with moderate to basic java knowledge?
Im not looking to make it overly complex, just need it to decrypt/encrypt a basic text file using location.
Also it only needs to work while the app is running so no need to have it part of the operating system.
so what's the problem now?
RAMMANN said:
so what's the problem now?
Click to expand...
Click to collapse
i dont have a problem. I just want to find out the experts opinion on here if its doable or not. Like if it would take a long time and need a lot of knowledge. I only have till March.
What should be so hard about it?
Can you code in Java?
If so, just create your java app for android, get the GPS informations (use already written libraries), think about an algorithm to decrypt with some tolerance (I mean GPS in the consumer market isn't that precise, and you should be able to decrypt it in a specific radius), and then you've done it already.
If you know Java and if you've written your own code, too, you should have a working app in a week.
UpSpin said:
What should be so hard about it?
Can you code in Java?
If so, just create your java app for android, get the GPS informations (use already written libraries), think about an algorithm to decrypt with some tolerance (I mean GPS in the consumer market isn't that precise, and you should be able to decrypt it in a specific radius), and then you've done it already.
If you know Java and if you've written your own code, too, you should have a working app in a week.
Click to expand...
Click to collapse
I have done Java yes but I am no expert.
I am asking as I have seen already working implementations and they all use time data too so that over complicates things.
So you think it would not be too hard to implement getting coordinates from GPS into the DES algorithm without much problems?
I would imagine that Android / java already have APIs for doing encryption and pulling GPS coordinates. You just need to string those together and you have your app.
ivolol said:
I would imagine that Android / java already have APIs for doing encryption and pulling GPS coordinates. You just need to string those together and you have your app.
Click to expand...
Click to collapse
I haven't read the white paper, but there has to be more to it than that. It would be impossible to enforce a simple cipher as you could always fake the GPS coordinates. There must be some kind of handshaking going on.
Gene Poole said:
I haven't read the white paper, but there has to be more to it than that. It would be impossible to enforce a simple cipher as you could always fake the GPS coordinates. There must be some kind of handshaking going on.
Click to expand...
Click to collapse
yeah thats true.
I have not been told that it NEEDS to be secure as its a idea im researching so if I can make it complex then I so be it. I just need to find out from supervisor if a simple method will suffice.
Hi Nekromantik, I'm wondering if you could do it or not ?! because I have the same project now ... if you have anything that can help me it's will be kind of you to share it with me.
Thank you in advance
So is it easy as just editing XML files to Mod? For example media_profiles.xml has a bunch of camera related variables. If I just change those and reboot, is that going to change anything? I know it could screw up my phone, but I am going for tips and tricks on how to mess with Android.
I know how to code, and would like someone to maybe point me to a guide.
Thanks
When I say know how to code. I mean I know xml and SQL....some Java. Was going to see what I could do with Android and maybe help community if I can learn.
Thanks
Depends on what you're trying to do. You can modify the ROM's apk's by deodexing and extracting. Depending on what you want to do, you can either modify whatever xml files or jpegs or whatnot that are inside, or if the task requires it, decompile, mod and recompile the code with smali/baksmali. A program called apk manager is also pretty handy for modifying apks. You can modify certain aspects of the rom with simple shell scripts, like you would on any regular linux installation. And then there's system development that will require you to learn C. If you want to get into that sort of thing, there's a guide on http://developer.android.com that goes over how to grab the android source and compile it. You could try poking around the CM9 code for an example too, even better if you have a device to flash it to.
Actually, there's a pretty decent how-to-get-started guide written by an awesome chap in the Captivate forum:
http://forum.xda-developers.com/showthread.php?t=928955
I can reed and understand what's going on in most code. However, I have no idea how the different files in a typical set of source code fit together. More importantly, I've got no idea how to figure out which file contains the functions I'm looking for..
I'm sure there's some standard scheme for this, but I've no idea what it is, and have never had much luck with reading through official code definitions, and frameworks. (I get overloaded by too much irrelevant stuff before I get to the parts I need.)
Hey, I wanted to know how to extract the driver files for an HTC Titan (WP7). When I use OSBuilder to dump all the packages, I get the drivers in this really weird format that I don't know how to open. There will be a folder named xxxxx.dll and inside the folder there will be files 0000, 0001, 0002, and 0003. None of these files have file extensions. Given the name of the folder, it stands to reason that somehow, the files inside can be compiled into the driver the folder is named after.
Can someone please help me figure out how to open the driver files? I need to write custom drivers for a project I am working on and I need to be able to use these and preferably decompile them.
A .dll is really the same as an executable. You could try renaming the dll to exe and it should run, but basically that file is a library of assets used by Windows, so your drivers are probably embedded somewhere within the dll itself. You can always try opening the files contained within inside notepad, or hex editor if you need a more precise instrument.
Thanks For Your Reply
syung said:
A .dll is really the same as an executable. You could try renaming the dll to exe and it should run, but basically that file is a library of assets used by Windows, so your drivers are probably embedded somewhere within the dll itself. You can always try opening the files contained within inside notepad, or hex editor if you need a more precise instrument.
Click to expand...
Click to collapse
Not quite what I had in mind but I did end up learning a little bit about the structure of the drivers, so thank you very much.
It was mostly unintelligible, but I was able to find some important file names and function calls, although I have no idea where these are located or how I can use them myself. At least it gives me something else to Google, and believe me, I appreciate that.
Ideally, I would like to be able to find/recreate the source code for the drivers so that I can edit them and I would like to know how to compile them/add them to a ROM so that they will actually run on a real phone.
Can anywhere tell me a place that I can find a guide or book or website, anything really? I've been at it for about three weeks now and I'm starting to think that either the information simply isn't there or that I've passed over it not realizing what it was.
Windows phones have never been extremely popular, so it is not surprising that material for it is limited. Your best bet would be to go into a brick and mortar bookstore and look for some windows phone development books, as I'm sure there is bound to be at least one book regarding development. Although it might not have exactly what you are looking for, it can give you a good starting point.
Paper Books on Custom ROMs???
syung said:
Windows phones have never been extremely popular, so it is not surprising that material for it is limited. Your best bet would be to go into a brick and mortar bookstore and look for some windows phone development books, as I'm sure there is bound to be at least one book regarding development. Although it might not have exactly what you are looking for, it can give you a good starting point.
Click to expand...
Click to collapse
Are there really any books published on working with rooted phones? I've seen a lot of development books, but never one in which the phone had been hacked for administrative rights. They are always written for the developer who will be using the stock ROM with no modifications, or so I thought...
They will probably not have the exact information you are looking for, but it can give you insight into how the OS was developed in the first place, thus giving possible clues as to where the files you require reside.
Thanks for all your help!
syung said:
They will probably not have the exact information you are looking for, but it can give you insight into how the OS was developed in the first place, thus giving possible clues as to where the files you require reside.
Click to expand...
Click to collapse
Perhaps. Thanks a lot for the idea. I'm going to go look into the fundamentals of the OS then.