Android Question Disable or encrypt httpjob cache

somed3v3loper

Well-Known Member
Licensed User
Longtime User
Hello all ,

I am getting some (string) data from server at runtime but I need it to be only available in memory I don't want it to be stored in any directory or at least it should be stored encrypted .


regards
 
Sort by date Sort by votes

Brandsum

Well-Known Member
Licensed User
You can unzip the httputils b4xlib and see that the data coming from server is first getting stored in the cache folder and then when you call getstring or getbitmap etc the lib sends you the data stored in that cache file.
 
Upvote 0

Semen Matusovskiy

Well-Known Member
Licensed User
To encrypt the cache is too late. There are such products as Charlie, a traffic is completely visible due to a proxy-server.
Bradsum's "Send encrypted data from server and decrypt it after job success" is much better. But it's necessary to crypt own Java code also.
 
Upvote 0

Semen Matusovskiy

Well-Known Member
Licensed User
To decompile any Android (Java) program is very simple.

B4A offers to compile in obfuscated mode. This can discourage to "import" the pieces of code, but is not able to crypt a communication.
For example, a hacker can find httpJob object and where you read data, something like
_stringresponse = _httpjobinstance._vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv4 /*String*/ ().trim();
Then he will search, what you do with _stringresponse.

IMO, it's not possible to keep secrets in Android. But typically it's not needed. Depends, what exactly do you want to prevent
 
Upvote 0
You must log in or register to reply here.
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…