iOS Question Is an IOS app easy to crack/decompile ?

[marcick]

Respect to Android, is it much more difficult to decompile an IOS app ?
If have some variables like a server address and password, can I feel safe declaring them as they are in process globals ?
Or: if I declare them encripted, is it much difficult to decompile the app to find the key to decript them ?

 

[JanPRO]

Hi,
in general: Even if your app is open source it should be secure.

However it is more difficult to decompile an app in iOS, but it is possible.

If have some variables like a server address and password

Note: it's very easy to sniff the network, so it doesn't matter if it's possible to decompile the app or not just for getting an url+password ...

 

[marcick]

Understand ..

 

[Erel]

Note: it's very easy to sniff the network, so it doesn't matter if it's possible to decompile the app or not just for getting an url+password

Unless the connection is secure (https).

 

[marcick]

So, RDC uses a secure connection, right ?
Which is the best way to manage ServerUrl and port making difficult to grab them from the IPA ?

 

[Erel]

So, RDC uses a secure connection, right ?

It's up to you. jRDC2 is a B4J server and it supports SSL connections (if you configure it properly).

You cannot hide the server url and port from a network sniffer.