是否可以对应用程序进行反编译？ [英] Is it possible for an app to be decompiled?

问题描述

我需要将我网站特定部分的身份验证信息编码到我的应用中。应用程序是否可以反编译并暴露用户名和密码？

I need to code in authentication information for specific parts of my website into my app. Is it at all possible for the app to be "decompiled" and the username and password exposed?

NSURL *url = [NSURL URLWithString:@"https://predefinedUsername:predefinedPassword@www.website.com"];

推荐答案

是的，有可能。假设你有任何编译到你的应用程序的东西，它可以[并将]被某人发现。即使今天不可能，您也会创建此类信息的冻结记录，这些信息很容易受到未知或未知的任何攻击。

Yes, it is possible. Assume that if you have anything compiled into your app, it can [and will] be discovered by someone somewhere. Even if it isn't possible today, you are creating a frozen record of such information that will be vulnerable to any future attacks, known or unknown.

您真的需要用户执行一些验证它们的任务。有一百万种方法可以做到这一点，对于每一种方法，有一百万种方法可以做错。 ：）

You really need the user to perform some task that authenticates them. There are a million and one ways to do that, and for every one of those, a million and two ways to do it wrong. :)

在不了解更多有关您的具体要求的情况下，除了保持简单并且不存储或发送任何明确的内容之外，不可能真正说出更多内容。文字。

Without knowing more about your specific requirements, it is impossible to really say much more outside of "keep it simple and don't store or send anything in clear-text".

这篇关于是否可以对应用程序进行反编译？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！