from one of the stackexchange questions Here,its proved that we can decompile the iphone application to its source,Now here comes the question how can we protect the ipa file/iphone application from cracking to its source?i have already verified this answers
here 1
method 2
but sad thing is it fails to protect the code,any updates to prevent app to source code
You can't really.
The iOS runtime on the device needs to be able to interpret the binary, so the binary has to be there, unencrypted and ready to run.
You could obfuscate it, by running it through a tool that scrambles method names, property names and so on. .NET and Java have tools that do this but I'm not aware of any for Objective-C, so I think you're on your own.
(Tools like anticrack, the one you linked to, will work for a short time until someone comes up with a way to reverse what anticrack does - but because your app eventually has to be there in a format the runtime is ready to run, all you can do is make it more difficult. It's like the age-old arms race of pirates vs protection mechanism in desktop applications).
This has been much discussed. Generally, you make more money spending time improving or promoting your app, then spending time trying to prevent it from being cracked in any way.
Related
How easy can it be for people to see the code / inner working mechanics of a published iOS app?
E.g if there was a certain algorithm or function/class, how easily could people be able to read that?
If it’s possible, is there any way to camouflage or encrypt it so the code can’t be read?
Cheers
A certain algorithm or function/class is not going to be visible to anyone just from having access to a published app. The apps executable has been compiled and optimised so the original source does not even exist inside it. The executables are also encrypted and while can be decrypted if you jail brake a device even then you won't get much info.
While a lot of information about how an app works can be deduced by examining how it works individual algorithms is not something to worry about.
Plus what makes you think anyone is even going to bother trying for your app.
EDIT
As there was some confusion here is a link which talks about the binaries being encrypted when producing universal and thinned ipa files:
https://developer.apple.com/library/content/qa/qa1795/_index.html#//apple_ref/doc/uid/DTS40014195-CH1-APP_STORE_CONSIDERATIONS
Is it possible to create an API inside an iOS app to let 3rd party developers create app add-on that are downloadable for users inside the app?
I could not find any ressources for this topic online.
I think that's going to go against the app store guidelines if your intention is that the 3rd party developers write code, which will be downloaded and executed.
There's something of a grey area between legitimate uses and illegitimate uses of downloaded code:
Legitimate Example 1: Something like Hopscotch where children are creating simple fun shared games. These can be considered user generated content.
Legitimate Example 2: A game which is driven by scripts allows for the run-time downloading of patches to fix bugs in the scripts or even to add new levels. I believe such usages have been rejected occasionally in the past, but are generally accepted these days.
The relevant guideline from the guidelines is (emphasis mine):
2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code, including other iOS, watchOS, Mac OS X, or tvOS apps.
And the all-encompassing:
We will reject apps for any content or behavior that we believe is over the line. What line, you ask? Well, as a Supreme Court Justice once said, "I'll know it when I see it". And we think that you will also know it when you cross it.
If your idea is to create some sort of app-store within your app-store app, then I would abandon it immediately, because that's going to be way over Apple's line.
That said, you haven't given much detail about your app, so I might have made wrong assumptions about where you're thinking of going.
I have this idea of writing an application to automatically sync files to a specific place for an ipad every time the ipad is plugged in the computer.
The problem is I've never developed a software like this before. Right now I have these two big questions:
- How to detect when an ipad is plugged in the computer?
- How to connect to and copy files over the ipad?
To make things clear, the application I want to develop should have similar functions like iTools (not iTunes).
Does anyone here have experiences in developing this kind of application? Would you please share with me how to start with this project, because I'm clueless :(
There is a rather simple option; use a internet based service to accomplish this task - just as DropBox, iCloud and similar services do it already. Maybe you can get a lot closer to your goals by simply connecting to the API of DropBox, SugarSync or alike.
Using a direct (USB-) connection to the device will be rather tough to implement and, to my knowledge, will prevent you from selling the resulting software through Apple's channels. I am not saying that it was impossible (see iExplorer) but I am saying that such endeavor will involve a lot of reverse engineering of undocumented functions to a degree that might be considered illegal in certain countries. Additionally, maintaining such software will be very demanding as Apple frequently introduces changes within their communication protocol/s.
Is it possible to make app not launchable if it has been cracked and installed from installous? I don't want to see my app in installous
It's not that easy and it not answerable within some words or code snippets.
But you might check this:
http://www.shmoopi.net/ios-anti-piracy/iphone-piracy-protection-code-tutorial-2/
http://www.cocos2d-iphone.org/forum/topic/7667
http://thwart-ipa-cracks.blogspot.com/2008/11/detection.html
The read also here:
http://www.learn-cocos2d.com/2010/05/ignore-everything-youve-heard-about-app-store-piracy/
There are ways to detect whether your app is running on a jailbreaked device or whether your app has been modified (aka cracked). Take a look here and here for example.
From my point of view all you are getting by using these methods is a waste of time. Maybe you can make it harder for potential crackers and keep away the script kiddies. But you won't get that far that no talented cracker on earth would be unable to crack your app. Even one single cracker on earth who's able and motivated to crack your app is enough to upload it to hundred's of sites.
If really big companies fail at protecting their apps I really doubt that you will achieve it... so: wasted time which should be better spend on improving your app.
Probably not, because the part of cracking your application is to remove all restrictions (registration, detection of jailbreak, ...).
I was halfway through developing an iOS app but have sadly lost the development files (it's a long story). I have the latest version still on my iPhone. Is there some way of recovering it or even just part of it for use in Xcode?
Thanks.
In theory you can decompile the binary, which should be backed up in your iTunes backup. It is not a simple process, and if you encrypted the binary you should maybe just give up. The result of the decompilation will be nothing like what you started with -- rather it will be a bunch of cryptic C functions that don't necessarily make sense but which will compile back to your app. You might get something usable. Assuming that you actually are able to decompile and rebuild your app, the challenge you will face is in the future -- maintaining/updating cryptic code.
So my advice is to check the possibility of local backups/checkins (as per other answers here). You might try undeleting the files from your hard drive (DON'T save any more files to your disk, just download undelete software and try it). Short of those things, you can take to heart the advice of my Comp Sci 101 professor. I quote:
Don't fret - it's always easier the second time around.
Good luck.
If you have Time machine enabled on your mac you may want to look in there. But other than that I don't think so.