But that would still leave us with the android issue. Perhaps in the case of iOS we could "manually" obfuscate the jailbreak detection of the code to make it look more generic / look like something else, so the attacker doesn't know what it is and thus can't modify the code since a jailbroken device is needed to do this. Dedicate time to implement obfuscation methods This will add an extra layer of security so most attackers will desist, preventing them from modifying the app in malicious ways (other than changing jailbreak/root detection) Proprietary code will stay safer from theft Should we apply code obfuscation to our native apps? What's the course of action here? ![]() A pentest was made to our mobile app (Android and iOS version) and we received feedback stating that jailbreak/root detection was ineffective because it was relatively easy to reverse engineer the application and change the return value of the method that checks whether the device is rooted/jailbroken.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |