iOS Question ProtectMyApp to protect my B4i app

I think that it is not the best usage of your development time. It is also likely to break your app.

You cannot download a xcarchive directly from the hosted builder. You might be able to build one by modifying the structure of acrhive.zip.

Erel,

Erel said:

I think that it is not the best usage of your development time.

Click to expand...

I have spent a lot of time developing a B4i app and its sister B4A app and miscellaneous B4J backend apps for a major project.
The development is done - I am now heavily into all aspects of security.

The security I have built into B4A and B4J I am reasonably happy with - B4i (on which I have done nothing) I am not!

I am willing to spend the time.

------------------------

I have a dialog going with ProtectMyApp.

I have asked them if they could accept an Archive.zip instead of an XCarchive file and sent them an Archive.zip of my iOS app as an example.

They did not dismiss the suggestion and have responded with:

I had a look at the binary inside the IPA. It looks like a native arm64/arm32 fat binary with no bitcode section.
Can your development IDE output bitcode builds? If so, can you please rebuild and send it again.
We'll see if we can make it work with bitcode enabled. Bitcode is a requirement for our protection tools on iOS.

Click to expand...

How should this be answered?

Thanks...

Bitcode cannot be enabled for now.

It is more difficult to reverse engineer the non-obfuscated B4i code compared to obfuscated B4A or B4J code.
Hiding sensitive keys in your app is never a very good idea and obfuscation only makes it a bit more difficult to find the key.
You can obfuscate the strings yourself.