Android Question Secure connection to servers and hosts

HassanProgrammer

HassanProgrammer

Member
Hello,
How did Telegram, WhatsApp, YouTube, etc. establish their security?
A hacker can decompile my program and gain access to my links or IP server and abuse it.
For example, send thousands of requests to my server and host in a row. Or enter my api link in the browser and see or change user information. Even if I encrypt them, they can still decrypt the received information or encrypt the information and send it to my server and host. (Using the string of cryptographic keys obtained in my application via decompile)
I do not think I can find a solution, or if I do, the hacker can still get around it.
This issue has been on my mind for a long time!
How do I solve this problem?

I know this section is for Android but I might buy the b4i next month. Is there a similar problem for iOS apps? Is the solution method the same or different from the Android solution method?
 
Sort by date Sort by votes
Erel

Erel

B4X founder
Staff member
Licensed User
Longtime User
Any server that accepts clients should assume that hackers will try to gain access. There is no way around it. Anyone can install a network sniffer and read all the network traffic, between their device and the server.
It doesn't matter whether your app runs on Android, iOS or the freezer.

HassanProgrammer said:
Or enter my api link in the browser and see or change user information.
Click to expand...
You need to use some kind of authentication, including server side verification. You can build a system yourself or use FirebaseAuth + [server] FirebaseServer - backend verification for signed in users
 
Upvote 0
HassanProgrammer

HassanProgrammer

Member
Erel said:
Any server that accepts clients should assume that hackers will try to gain access. There is no way around it. Anyone can install a network sniffer and read all the network traffic, between their device and the server.
It doesn't matter whether your app runs on Android, iOS or the freezer.


You need to use some kind of authentication, including server side verification. You can build a system yourself or use FirebaseAuth + [server] FirebaseServer - backend verification for signed in users
Click to expand...
Dear Earl, thank you for your response.
This is exactly what I want. Users can only access and edit their own content through the mobile app.
Is there a tutorial on creating a secure authentication system like Firebase in the community? Make your own video about user authentication and security.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Cliff McKibbin
  • Article
Android Example Syncing local databases using PHP to access a database on a hosted server
Replies
1
Views
4K
thetrueman
T
Erel
  • Article
B4A Library [B4X] FTP Server implemented with Socket and AsyncStreams
2 3
Replies
43
Views
42K
OliverA
OliverA
Erel
  • Locked
  • Article
B4J Library [B4X] jRDC2 - B4J implementation of RDC (Remote Database Connector)
5 6 7
Replies
138
Views
144K
Erel
Erel
Erel
  • Locked
  • Article
Android Tutorial Remote Database Connector (RDC) - Connect to any remote DB
20 21 22
Replies
423
Views
315K
Erel
Erel
Erel
  • Locked
  • Article
Android Tutorial Connect Android to MySQL Database Tutorial
30 31 32
Replies
633
Views
849K
Oke
O
Top