Special

Introducing the “Welcome to Xojo” Bundle!

New to Xojo and looking for guidance? We've put together a terrific bundle to welcome you! Xojo Bundle

This bundle includes six back issues of the magazine -- all of year 14 in printed book and digital formats -- plus a one-year subscription so you'll be learning all about Xojo for the next year. It's the perfect way to get started programming with Xojo. And you save as much as $35 over the non-bundle price!

This offer is only available for a limited time as supplies are limited, so hurry today and order this special bundle before the offer goes away!

Article Preview


Buy Now

Issue 14.3 ('Sunroom')
Instant purchase and download via GumRoad!

COLUMN

Column

Issue: 14.3 (May/June 2016)
Author: Marc Zeedar
Author Bio: Marc taught himself programming in high school when he bought his first computer but had no money for software. He's had fun learning ever since.
Article Description: No description available.
Article Length (in bytes): 13,378
Starting Page Number: 64
Article Number: 14308
Resource File(s):

Download Icon 14308project.zip Updated: 2016-05-02 11:16:06

Related Link(s): None

Excerpt of article text...

Security in your apps is complicated. At least real security. But there are some things you can do to help make it harder for crackers. If you use a string in your Xojo app (i.e. "MySecretPassword") that text will show up as plain text in your app—easily searchable by anyone.

A simple solution is to hide—obfuscate—strings in your application. Not all strings, but important ones you don't want hackers or even your users accidentally discovering, such as serial numbers of third party code modules, secret information related to your registration system, salts (https://en.wikipedia.org/wiki/Salt_(cryptography)), email addresses, phone numbers, and so on.

You might assume you could just encrypt such information—but then how would your app know how to decrypt it without a key? That key would have to be hidden in your app somewhere... which isn't secure.

The trick then is to obscure the information. Note that this isn't foolproof. A determined hacker might still be able to reverse engineer your scheme. But that's unlikely unless your app is a prominent target for some reason.

So today we're going to explore a little obfuscation routine I've created. Note that I make no claim to be a security expert and I can't vouch for the security of this particular algorithm—and the fact that it's been published in a magazine means you shouldn't use it exactly as-is. You'll want to tweak it and modify it in a unique way for your own use. More on that later.

The Obfuscate Algorithm

...End of Excerpt. Please purchase the magazine to read the full article.