Android App Development & ObfuscationFrancisco Barcena - November 09, 2016
What is obfuscation? In app development, obfuscation means adding a layer of security to your intellectual property by scrambling the wording of your code.
For example, imagine you had an excel file with tons of formulas that you wrote yourself, and that the file did something cool, and that someone wanted to use or purchase said excel file.
The problem with sharing this file is that the person can click on a cell and see what formulas you actually used yourself. If the person wanted to, he could create his own file and resell it or share it with others.
Obfuscation would scramble the name of the formulas, making it harder for the person to interpret and understand just exactly what formulas you used in your file.
This is an overly simplified and hypothetical example, since excel on its own does not provide obfuscation features.
Of coarse, I don't write excel sheets, formulas, or pivot tables. But I do develop apps, apps that are downloaded by thousands of people some of which have the tools and knowledge to look inside my app code and snoop around so obfuscation is very important.
Android Studio has a very easy way to implement code obfuscation, and I mean easy because I was able to do it :)
I did hit a few bumps along the way. And for anyone developing android apps, here are some words of wisdom (when using ProGuard):
- By default, debug packages are not obfuscated
- You will have to suppress warnings when not obfuscating debug packages
- You will have to exclude obfuscation of some external libraries
I had previously obfuscated my apps but never had I used external libraries such as Retrofit and greenDao (Android ORM for SQLite) so I was a bit puzzled when my obfuscated release builds were crashing upon start up. For your curiosity and SEO, the app I worked on is by the startup HazSnap.com.
ANDROID APP DEVELOPMENT HAZSNAP RETROFIT PROGUARD