2

Recently, I just saw my co-worker, who is an android developer, de-compiled an APK file and read all the source code. After some google search, I found it is possible to do it with an IPA file too.

How can I protect my app from reverse engineering? Also, I stored my SQLite file in the Document folder. Where can I store it or how can I secure it?

Thanks.

Noor
  • 2,071
  • 19
  • 28
Pham Hoan
  • 2,107
  • 2
  • 20
  • 34
  • 7
    The question here isn't "How can I protect my app from reverse engineering?" but "How far do I want to go to protect my app from reverse engineering?" If someone is determined enough to crack your app, they *will* do so. The question is, do you want to just try to stop casual users from peeking inside, or are you looking to stop more hardcore attempts at breaking in? Where do *you* draw the line? – cf- Mar 31 '14 at 07:54
  • well, I don't know how far they would go but not with few command line code like android. It's like 5 minutes and then they got everything nice and clean, even I can do it myself. – Pham Hoan Mar 31 '14 at 08:06
  • 2
    You found something which showed you how to decompile an IPA ? I would say this isn't as easy as you say, firstly they are encrypted, secondly a compiled app is mostly assembly and thirdly Objective-c uses "objc_sendMsg()" – CW0007007 Mar 31 '14 at 08:16

1 Answers1

1

As computerfreaker pointed out, you can't be immune. But, you can follow raywenderlichs' http://www.raywenderlich.com/45645/ios-app-security-analysis-part-1 and 2, to make it harder for 'hackers' to get into your app. It's a really good read if you have half an hour to spare, as it tells you how people can get into your app, so you know what you're up against.

Spoiler: The conclusion in the article is that you can't be safe, no matter what you do. All you can do is to make it harder and hope that hackers bully someone else.

Oscar Apeland
  • 6,422
  • 7
  • 44
  • 92