Geek Answers Handbook

Android Are LogCat calls available to end users when the phone is in debug mode?

I use Log.whatever () calls to write various bits of information as I am developing an Android application. When I am ready to publish my application in the Android Marketplace, I try to figure out what I need to remove.

According to Android Dev Dev , before publishing, they suggest:

Deactivate any calls to Log methods in the source code.

How to one deactivate log methods? Obviously, I could go through and erase them all (which is a little painful), but is there any other way to deactivate logical calls that I don't know about?

In addition, is there a risk of journal calls in the published application? Can someone install Eclipse, connect the plug-in to their phone and turn on Debug mode and see all the same LogCat information that I see during development?

The Dev manual also suggests:

 Remove the android:debuggable="true" attribute from the <application> element of the manifest.

I still did not know about this flag. What is he doing exactly? I developed and debugged my application only up to this point, and this flag is not set to true or false for my manifest.

+8
android debugging publish
source share
6 answers

Yes, anyone can install the Android SDK (with or without Eclipse) to view all the log messages on your device.

I do not recommend completely deleting your logging code, but instead wrap it, for example: if (DEBUG) Log.d(...) , where DEBUG is some static boolean that you define in a convenient place. I prefer to create a utility class so that all log calls through different classes can be turned on / off right away.

+8
source share

The simplest chnages to do this would be to define one user class that MyLog says, now replace all Log.d () calls with MyLog.d (). Now inside your class you can have one flag that can enable or disable logs. hope this helps.

+5
source share

Good practice is to use something like if (DEBUG) Log.whatever , and then just make DEBUG false.

There is a real danger, except that you can identify some basic implementation that can cause crashes and hacked points in your application. The real problem is the performance penalty that you get from registering too much.

Regarding android:debuggable="true" , find it in here

Lastly, yes, Logcat logs are global and can be seen by anyone using the Android SDK.

+1
source share

Yes, magazines can be seen by anyone. In addition, applications can programmatically collect logs: http://www.cuteandroid.com/five-android-logcat-related-open-source-apps-for-developers

Therefore, make sure that you do not open sensitive data, as many applications collect logs - my business in case of unhandled exceptions / failures.

+1
source share

Oh sure. Everyone can see them.

If you do not want this, remove them from your code. It's quite normal. I see a lot of applications using logs, and the likelihood that almost none of your users will use this to check your logs.

0
source share

I would recommend not wrapping your journal entries; depending on the size of your application, which may take some time, it will probably lead to a good amount of additional code and just the hassle of IMHO.

Instead, I found the Proguard setting to automatically optimize your code and cut logical operators when exporting an application version is much easier. It will also confuse certain areas that slow down the work of any reverse engineers trying to crash your application.

If you decide to go with Proguard, you can put something like the following into the proguard-project.txt file to cut out the log entries.

 -assumenosideeffects class android.util.Log { public static boolean isLoggable(java.lang.String, int); public static int v(...); public static int i(...); public static int w(...); public static int d(...); public static int e(...); }
0
source share

More articles:


All Articles