On Mar 4, 2013, at 11:27 AM, Stephen Cunliffe <[email protected]> wrote:
> Thanks David. > > I totally understand the Web side of things (heck view-source: is how I > learned to begin with). > > With "web apps" or "html5 games" that are not served up live from a server > but downloaded to the device as "an app" there's a little piece of the web > that changes as developers often would like to monetize their apps and also > protect their code. > > I was hoping that there was a basic effort on the device to obfuscate/hide > the source from the user. e.g. what if that source contains API keys to REST > services? Hi Stephen. I would not trust B2G enough to put API keys on the client. An experienced developer can find a way to get root access to the phone, snoop around and find the package source. There was some discussion around how to protect assets in relation to paid apps after this post https://hacks.mozilla.org/2013/02/building-a-paid-app-for-firefox-os/ If you're planning to sell a paid app it's important to understand how checking receipts works. It won't be 100% effective but with a strong server side component (which is possible even for a packaged app) you can combat piracy pretty well, I think. Kumar > > I don't think that the level of code security will stop me from developing > but I think I'll go the extra mile and at least obfuscate/minimize my code to > at least make it harder to re-engineer. > > Thanks! > _______________________________________________ > dev-webapps mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-webapps _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
