ProGuard

peacemaker · Mar 8, 2011

Anyone uses it ?

The ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer.

It's included into some latest SDK version. GUI exists.

Possible to use with b4a ?

Erel · Mar 9, 2011

For now you will need to do the compilation process of the generated Java files yourself if you want to use Proguard.
I plan to add support for Proguard in the future.

peacemaker · Mar 9, 2011

Thanks, Erel.
If exists, better to support it.

bluedude · Oct 29, 2011

It would be good to support this, as indicated by yourself it isn't easy to create an Eclipse project from a B4A project. So compilation with ProGuard wouldn't be easy.

magarcan · Oct 29, 2011

This would be great!!

Cableguy · Oct 29, 2011

Perhaps even make it a part of the IDE, like a menu option...

vb1992 · Oct 30, 2011

For now you will need to do the compilation process of the generated Java files yourself if you want to use Proguard.
I plan to add support for Proguard in the future.

Is this process hard? Anyone have any instructions to give this a try.

I was reading somewhere that the max size of any app is 25mb, but
it's not ideal for people to download with 3g, and when you are in the
10MB to 25MB app size this might be too much for the built-in memory
of the phone not to mention some phones not allowing installation on
the SD cards.

I'd be interested in trying Proguard in terms of Decreasing the size of apk and for the security aspect.

Erel · Oct 30, 2011

The APK file is made of code and other resources like images and other files.
Proguard can decrease the code size.
For large applications the code size is less than 1mb.

The resources can take much more.

KashMalaga · Nov 21, 2011

Got any news about this, we are waiting for a tutorial about creating b4a proyects to eclipse and ads proguard.

Or proguard support from the properly B4A will be great!

I think that is one of the best petition!

Erel · Nov 21, 2011

It will probably be included in the next version.

Falco32 · Oct 14, 2012

Is Proguard feature now included ?

Hi, Erel

has the actual release this feature already ?

Erel · Oct 14, 2012

Obfuscation was added a long time ago:
http://www.b4x.com/forum/basic4andr...13773-android-code-obfuscation.html#post77873

Falco32 · Oct 14, 2012

Thx Erel!

Ok, but when i check this with a*kt**ol, the output is really easy to understand for children hackers. i will no describe here it on detaill but basic4android is now so powerful that we need more protect mechanism for the created apps.

my idea.
when i can become internal access to the signatur wich is used to create the package and i can verify internal the package signatur with the encoded signatur copy in a internal variable as sample then i can see if or if not my package modified by a third user. understanding you me ?

or is there already a way to get the infos from b4a side in my project ? The g**le**ice*se service is not full obfuscated and to easy to bypass.

next idea .

the lc.ch**li*ense is a void call without return value. isn't better to give any self declared parameter back to the user? instead of void call to check if the lc.ch**li*ense bypassed or not ?

i hope you can follow me erel,

Erel · Oct 14, 2012

Not sure that I really follow. However I don't think that Proguard will give you better protection. Note that Proguard obfuscator doesn't obfuscate strings while this one does.

Falco32 · Oct 14, 2012

Okay a code sample

Erel said:
Not sure that I really follow. However I don't think that Proguard will give you better protection. Note that Proguard obfuscator doesn't obfuscate strings while this one does.

sub check_manipulate
if sys.getsignature <> decode("adgaszefgse") then ' this is what i wish
Exitapplication ' because this is not the orginal apk
else
return false
end if
end sub

sub decode(mysecretsignatur)
Dim plainsignatur
'....bla bla
' here is the code to decode my secretcopy from signatur
return plainsignatur
end sub

Erel ? Yet better ?

Falco32 · Oct 14, 2012

My next idea

Dim lc as licensechecker

lc.Initialize("lc", devid, pkey2, "yeaha".GetBytes("UTF8"))
' and now my wish!
lc.setreturnparamter("mysecretparameter")

if lc.checkaccess() = "myscretparamter" then
' b4a call is not manipulated
else
' no return value
' b4a license is bypassed and not a true call
Exitapplication ' because hacked.
endif

This is only to verify that the call to your sub was not bypassed from a hacker. it has nothing to do with the result from google license server.

Ok ?

Erel · Oct 16, 2012

This thread is about Proguard, which is an obfuscation service for Java. You should start a new thread for these ideas.

The second idea is already implemented with SetVariableAndValue.

KZero · Mar 19, 2014

Hi,

any news about supporting proguard / dexguard ?

Obfuscation feature is good but not enough , DexGuard provide more security and encryption

Erel · Mar 19, 2014

There are no plans to add support for proguard or dexguard. This is an old thread. An obfuscation feature is already available in the IDE.

It handles both variables and methods renaming and strings obfuscation.

ProGuard

peacemaker

Expert

Erel

B4X founder

peacemaker

Expert

bluedude

Well-Known Member

magarcan

Active Member

Cableguy

Expert

vb1992

Well-Known Member

Erel

B4X founder

KashMalaga

Member

Erel

B4X founder

Falco32

Member

Erel

B4X founder

Falco32

Member

Erel

B4X founder

Falco32

Member

Falco32

Member

Erel

B4X founder

KZero

Active Member

Erel

B4X founder

Similar Threads