Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 296 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
296
Dung lượng
4,48 MB
Nội dung
[...]... Moral Issues Decompiling is an excellent way to learn Android development and how the DVM works If you come across a technique that you haven’t seen before, you can quickly decompile it to see how it was accomplished Decompiling helps people climb up the Android learning curve by seeing other people’s programming techniques The ability to decompile APKs can make the difference between basic Android understanding... agreement that expressly forbids decompiling or reverse-engineering the code Don’t decompile an APK to remove any protection mechanisms and then recompile it for your own personal use Protection Laws Over the past few years, big business has tilted the law firmly in its favor when it comes to decompiling software Companies can use a number of legal mechanisms to stop you from decompiling their software;... obfuscators later in the book 11 12 CHAPTER 1: Laying the Groundwork Legal Issues to Consider When Decompiling Before you start building your own decompiler, let’s take this opportunity to consider the legal implications of decompiling someone else’s code for your own enjoyment or benefit Just because Java has taken decompiling technology out of some very serious propeller-head territory and into more mainstream... have other implications I look at all of them in more detail later in the book Summary Decompilation is one of the best learning tools for new Android programmers What better way to find out how to write an Android app than by taking an example off your phone and decompiling it into source code? Decompilation is also a necessary tool when a mobile software house goes belly up and the only way to fix its... out there to follow, but it helps even more if you can pick your own examples and modify them to suit your needs But no book on decompiling would be complete if it didn’t discuss the morality issues behind what amounts to stealing someone else’s code Due to the circumstances, Android apps come complete with the source code: forced open source, if you wish The author, the publisher, the author’s agent,... source-code protection to separate fact from fiction and show how easy it is to decompile an Android app and what measures you can take to protect your code Some may say that decompilation isn’t an issue and that a developer can always be trained to read a competitor’s Assembler But once you allow easy access to the Android app files, anyone can download dex2jar or JD-GUI, and decompilation becomes orders... ‘‘Pay no attention to the man behind the curtain.’’ The Wizard of Oz At this moment there are all sorts of noises coming from Google saying that there isn’t anything to worry about when it comes to decompilingAndroid code Hasn’t everyone been doing it for years at the assembly level? Similar noises were made when Java was in its infancy In this chapter, you pull apart a Java class file; and in the next... interesting code on the web server and only use the APK as a thin front-end GUI This has the downside that you may still need to hide an API key somewhere to gain access to the web server Native code: The Android Native Development Kit (NDK) allows you to hide password information in C++ files that can be disassembled but not decompiled and that still run on top of the DVM Done correctly, this technique... until the following July Academic decompilers such as dcc are available in the public domain Commercial decompilers such as Hex-Ray’s IDA have also begun to appear Fortunately for the likes of Microsoft, decompiling Office using dcc or Hex-Rays would create so much code that it’s about as user friendly as debug or a hexadecimal dump Most modern commercial software’s source code is so huge that it becomes... decompilation as the basis for your own products.) Having said that, thousands of APKs are available 15 16 CHAPTER 1: Laying the Groundwork that, when decompiled, will help you understand good and bad Android programming techniques To a certain extent, I’m pleading the ‘‘Don’t shoot the messenger’’ defense I’m not the first to spot this flaw in Java, and I certainly won’t be the last person to write . more about why Android is at risk from decompilation, but for the moment here is a list of reasons why Android apps are vulnerable: There are multiple easy ways to gain access to Android APKs accomplished. Decompiling helps people climb up the Android learning curve by seeing other people’s programming techniques. The ability to decompile APKs can make the difference between basic Android. of the best learning tools for new Android programmers. What better way to find out how to write an Android app than by taking an example off your phone and decompiling it into source code? Decompilation