Can an attacker attach a debugger to my app after installing it to the market, or does the app have to be marked as debuggable first? How secure is this? Are there ways to get around it?
+4
A:
Marked debuggable or not, if a hacker has your code on his/her machine he/she will be able to use a variety of tools to attach to your process, examine the code, the memory, execute arbitrarily etc. This goes for any app and any platform. Your best hope is to follow security best practices and obfuscate to make it hard for someone to crack your code.
Paul Sasik
2010-03-17 15:18:38
noted :) thanks!
synic
2010-03-17 15:24:09
Obfuscation can make it harder, but never impossible.
Rook
2010-03-17 22:18:19
+3
A:
even obfuscation doesn't work, unless you worry about protecting from your kid sister or grandmother! i can put a break point at the point right after the code is un-obfuscated!
Michael Howard-MSFT
2010-03-17 20:58:47