Any mature app eventually has to deal with security and performance problems; here I only cover security. Today we suddenly received the security test report for one of our live apps. At first glance it listed more than a thousand security issues, which made the app look as if it had no security at all. On closer inspection, they come down to conventions that were not followed during development. Although I did not develop this app, there were many security risks I had not considered either, so I had to fill in the gaps in my knowledge.

ProGuard

To obfuscate an APK in Android Studio with the ProGuard tool that ships with the SDK, you only need to modify one line of the build.gradle configuration. That part is easy; the rest is all about the obfuscation itself. Basic obfuscation was covered before.

Log

During development everyone prints logs to inspect information, especially API response data, and those logs can also disclose information from the app. Suppressing logs in the release version is therefore very important. With the native Log API, you can wrap it in a utility class that checks whether the build is DEBUG before printing, so that logs are printed only in debug mode. Many logging frameworks offer this as a configuration option. The debug-mode check:

		if(BuildConfig.DEBUG){
			//is debug
		}else{
			//is release 
		}
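One way to write the utility class described above, as an added example that is not code from the original post. The class name `SafeLog` and its `Message` interface are hypothetical, and the block assumes the module's generated `BuildConfig` class is available in the same package or imported.

```java
import android.util.Log;

public final class SafeLog {
    /** Builds the log text on demand, so release builds never format the data. */
    public interface Message {
        String build();
    }

    // BuildConfig is the class generated for your own app module (assumption:
    // it is in this package or imported). DEBUG is false in release builds.
    private static final boolean ENABLED = BuildConfig.DEBUG;

    private SafeLog() {}

    public static void d(String tag, Message msg) {
        if (ENABLED) {
            Log.d(tag, msg.build());
        }
    }

    public static void w(String tag, Message msg) {
        if (ENABLED) {
            Log.w(tag, msg.build());
        }
    }

    public static void e(String tag, Message msg, Throwable t) {
        if (ENABLED) {
            Log.e(tag, msg.build(), t);
        }
    }

    // Usage: the lambda body only runs in debug builds, so the response body
    // is never concatenated into a string in a release build.
    //   SafeLog.d("Api", () -> "response=" + body);
}
```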

Component Security (Exported)

The four Android components Activity, Service, Provider, and Receiver all share one attribute: android:exported. The security of a component hinges on this attribute, which determines whether the component may be called by other apps.

  • android:exported: the default value is true when the app's minimum SDK version is 16 or lower, or when the component has an intent-filter set. The default value is false for versions 17 and later.
  • Component access permission: if a component needs to be invoked by other apps, it is recommended to add a custom permission, so that it can only be invoked by callers that hold the permission.
  • Intent delivery: use explicit intents for navigation. An implicit intent may be hijacked by an unknown third-party application.

You can customize permissions as follows:

    <!-- Define the permission -->
    <permission
        android:name="com.yz.permission.INTENT_OTHER"
        android:protectionLevel="normal" />

    <!-- Request the permission -->
    <uses-permission android:name="com.yz.permission.INTENT_OTHER" />

    <!-- Specify the permission required to call the component -->
    <activity
        android:name=".TestActivity"
        android:exported="true"
        android:permission="com.yz.permission.INTENT_OTHER" />

Note: custom permissions are declared the same way for all four component types. The protectionLevel attribute sets the type of the permission. The official documentation describes the levels as follows:

  • normal: the lowest-risk permission level. If an application declares this permission, the user installing the application is not prompted to grant it; the system grants it by default.
  • dangerous: a higher-risk permission level that may give the requesting application access to the user's personal data or control over the device in ways that harm the user. This type of permission may not be granted by default.
  • signature: granted only when the application that sends the request and the application that receives the request are signed with the same signature file. In that case it is granted by default and the user is not prompted.
  • signatureOrSystem: avoid this level as much as possible. It is aimed at system-level use, and the signature protection level should be sufficient for most requirements.

Debugging security

The release version should prohibit debugging. When the application's android:debuggable attribute is set to true, attackers can observe the client's data flow and workflow through dynamic debugging, which increases the risk of the core program logic being cracked.

  • Android provides the isDebuggerConnected() method to determine whether a debugger is connected.
  • debuggable attribute: set debuggable to false in the release version, and check inside the program whether the debuggable value has been modified. The check is as follows:

    // Runs inside a Context (for example an Activity);
    // requires android.content.pm.ApplicationInfo.
    if (0 != (getApplicationInfo().flags & ApplicationInfo.FLAG_DEBUGGABLE)) {
        // The program has been changed to debuggable: terminate the process.
        android.os.Process.killProcess(android.os.Process.myPid());
    }

Signature security

The signature is what identifies an Android app. It is recommended to select both V1 and V2 when signing; for a description of signing, see AS Package Signature. To prevent repackaging, check whether the signatures are consistent: compare the hash value of the APK's signature with the hash value of your signature file. If the hash values differ, the APK has been repackaged. The code to get the hash value of the signature is as follows:

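// Call from a Context (for example an Activity). Requires:
// import android.content.pm.PackageInfo;
// import android.content.pm.PackageManager;
// import android.content.pm.Signature;
public int getSignature(String packageName) {
    PackageManager pm = this.getPackageManager();
    int sig = 0; // 0 means the signature could not be read
    try {
        // GET_SIGNATURES asks for the package's signing certificates
        PackageInfo pi = pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
        Signature[] s = pi.signatures;
        sig = s[0].hashCode(); // hash of the first signing certificate
    } catch (Exception e1) {
        sig = 0;
        e1.printStackTrace();
    }
    return sig;
}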
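The comparison step described above, as an added example that is not code from the original post. It goes beyond the snippet by hashing the signing certificate with SHA-256 instead of using the 32-bit `hashCode()`, and by using the newer signing-info API on Android 9 and later. The class name `SigningCertCheck` and the `expectedSha256Hex` parameter are hypothetical; the expected value is the SHA-256 fingerprint of your own release certificate.

```java
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.os.Build;
import java.security.MessageDigest;

public final class SigningCertCheck {
    private SigningCertCheck() {}

    /** True only if the installed APK has exactly one signer whose certificate
     *  SHA-256 equals expectedSha256Hex (64 hex chars, supplied by the caller). */
    @SuppressWarnings("deprecation") // GET_SIGNATURES / signatures are needed below API 28
    public static boolean matches(Context ctx, String expectedSha256Hex) {
        try {
            PackageManager pm = ctx.getPackageManager();
            String pkg = ctx.getPackageName();
            Signature[] signers;
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
                PackageInfo pi = pm.getPackageInfo(pkg, PackageManager.GET_SIGNING_CERTIFICATES);
                signers = pi.signingInfo == null ? null : pi.signingInfo.getApkContentsSigners();
            } else {
                signers = pm.getPackageInfo(pkg, PackageManager.GET_SIGNATURES).signatures;
            }
            if (signers == null || signers.length != 1) {
                return false; // unsigned, or an unexpected extra signer
            }
            byte[] actual = MessageDigest.getInstance("SHA-256").digest(signers[0].toByteArray());
            // Compare the two digests with MessageDigest.isEqual.
            return MessageDigest.isEqual(actual, hexToBytes(expectedSha256Hex));
        } catch (Exception e) {
            return false; // fail closed: lookup or parsing problems count as a mismatch
        }
    }

    private static byte[] hexToBytes(String hex) {
        if (hex.length() != 64) throw new IllegalArgumentException("expected 64 hex chars");
        byte[] out = new byte[32];
        for (int i = 0; i < 32; i++) {
            int hi = Character.digit(hex.charAt(2 * i), 16);
            int lo = Character.digit(hex.charAt(2 * i + 1), 16);
            if (hi < 0 || lo < 0) throw new IllegalArgumentException("not hex");
            out[i] = (byte) ((hi << 4) | lo);
        }
        return out;
    }
}
```

Because the check ships inside the APK, a repackaged build can have it removed as well, so treat it as one layer alongside server-side verification rather than the only control.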