How Safe is Apple Binary (Secure Secret Key)

Question

How Safe is Apple Binary (Secure Secret Key)

I am developing an iPhone application that uses an HTTP request to retrieve quote data from a web server.

I am working with another developer who runs a web service. We use MD5 (plain xor) encryption to transfer data between the iPhone and the web server.

Today he asked me a question that quite frankly leaves my knowledge.

'How safe is the binary ??

He worries about whether someone can get the .app package through iTunes, and then just decode that package and access my source code, which will allow them to get the secret key that we use to encode the data.

I personally don’t even know where to start, but I’m sure that there are more knowledgeable / cunning people there.

So is this possible? if so, what can I do to try to protect my source?

+5

binary iphone secret-key

Bongeh May 31 '11 at 12:15

source share

1 answer

Nicholas Knight · Accepted Answer · 2011-05-31T12:23:14+0000

The binary is not even remotely. Regardless of whether you downloaded iTunes or an iPhone with a jailbroken jailbreak, you can do nothing but obfuscation, from which a certain opponent will always confront. Never rely on the "secrecy" of anything built into the client application, this is not a secret. Ever. On any platform, in any language, with any technique.

, . . Apple "" iTunes, , .

, " MD5" . MD5 - - , , , " MD5" " XOR", . XOR MD5 , , , AES.

HTTPS (HTTP SSL). , iPhone . , SSL , , http://www.startssl.com/. SSL. Google .

, - , , , , -, , , , .

How Safe is Apple Binary (Secure Secret Key)

More articles: