I'm working on developing a library with a set of APIs that developers can latch on to, and then build their Android applications on top of this library. However, I have an issue here. I have an encryption key in the code that I want to protect. So, I want to prevent users from reverse engineering or decompiling my code, and finding out the encryption key.
How do I protect my library? I have searched the internet on this, and the common census seems to be that in spite of obfuscation, complete security cannot be guaranteed and with enough time and patience, a developer can eventually crack the code and sniff out the protected data. However, I am still not able to buy this opinion fully. For example, Qualcomm's Gimbal released an Android SDK (https://docs.gimbal.com/android/v2/devguide.html), and their software pricing is entirely dependent on the fact that developers don't decompile and understand their packet decryption algorithm. Is there a way to enforce protection at a code level, or are we only left with licenses/legal route to protect code IP? -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. To post to this group, send email to android-developers@googlegroups.com. Visit this group at https://groups.google.com/group/android-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/android-developers/785fcd48-a565-443a-972f-d25afa8172b7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
