Tag Archives: android

Importance of Android source code obfuscation

Obfuscation is a method applied to transform a message into a difficult to read message. Android source code obfuscation is applied to make it difficult the reverse engineering of some application code.

However, it is important to mention that it is a method which is not a complete protection and it is just a way of discouraging others from accessing the code.

Proguard is the obfuscation tool used in Android projects and it is supported by Android Studio and Eclipse using the Android SDK. Besides obfuscating the code, it removes unused or unreachable code, sorts and optimizes the application bytecode and simplifies the logical and arithmetic operations. There are many restrictions in the mobile software development environment. Restricted access to the Internet and limited power availability are just two of them. Thus, using a tool like Proguard is interesting to improve the quality of your software and consequentially the user experience.

In order to illustrate the application of Proguard tool with obfuscation enabled, we created a Java class named Sample which contains a method implementing the factorial function and some other controlling code. Obfuscation changes the names of the class, methods, and variables to random symbols which makes much more difficult to understand the code. Unused code (unusedMethod) and the unreacheable code (debug ‘if’ clause) are removed by Proguard in order to optimize the final code used by the software application.

When publishing your application on the Play Store remember that developers are required to obfuscate the application code. Recently, the Android developer console started to offer developers the possibility to associate the generated obfuscation map to each of the published versions of the application. Using this feature, developers are able to visualize the non-obfuscated stack trace of an error right through the console and identify the source of the problem.

Android and Java projects developed by Endeeper are always obfuscated in order to keep the quality of our products. Contact us if you have any comments or questions.

public class Sample {
    private static final boolean DEBUG_ON = false;
    public int factorial(int number) {
 
        if (DEBUG_ON) {
            System.out.println("This will be removed");
        }
        if (number == 0) {
            return 1;
        } else {
            return number * factorial(number - 1);
        }
    }
 
    private void unusedMethod() {
        // This method will be removed
    }
}
public class A {
  public int b(int a) {
    if (a==0) {
      return 1;
    }
    return a*b(a-1);
  }
}

References