Encryption between Android client and PHP server

I am a complete noobie when it comes to encryption and I think I can see that I have all the problems, let me explain:

I want an Android app to talk to a server to render items in the app. Then, if the user interacts with that item, I want to send feedback to the server stating which item was clicked in order to save it to the database.

First, I don't want anyone to "intercept" this "feedback" over the network when sending it to the server. So I decided to use an https connection. But let's say the script I am calling for feedback is https://mydomain.com/myscript.php (with a POST request). I don't want anyone to reverse engineer my Android code and see that I am calling this script to submit feedback, because then they could use it for the same purpose.

So I thought, "Hey, just grab a key from the server to send back when I need to send feedback to the server." But again, in order to get this key, I need to call the PHP script, and if someone can call this script and get the key, they can send feedback as they want.

It seems to me that there is no end to this. And I know there is one :D I think I am looking at this completely wrong. Do you have any guidelines for doing this?

Thanks!

+3


1 answer


Don't trust customers

You cannot trust client software. There is a good quote in "Making Software Secure: Avoiding Security Issues the Right Way" by Viega and McGraw.

People usually hide secrets in client code, taking these secrets will be safe. The problem with the secret in the client code is that talented end users could abuse the client and steal all of its secrets. Instead of making assumptions that must be followed, you should be reluctant to spread confidence. Servers should be designed not for trusted clients and vice versa, because both clients and servers get compromised. Reluctance to trust can help with division.

Decision



You cannot trust client software. But sometimes you can trust individual users. And you can delete spam. Things to consider:

  1. Spam detection using a spam classifier. It will take some time.
  2. You can rate-limit POSTs from a single IP.
  3. You can require users to log into your app in order to write a review. And then rate-limit feedback from a particular account.
  4. Better yet, you can require people to authenticate to the Google+ or Facebook servers first, before publishing (i.e. your app prompts the user to authenticate with their Google credentials; this should be pretty painless for them since 95% of Android users have Google credentials). Then rate-limit each account. Most bots won't have access to many/any fake Facebook/Google+ accounts, as you have to break captchas to register. This should make it very difficult for bots to send feedback.

Large companies use a combination of 4, 3, and 1. The Google Play store used to check all reviews for spam and remove them. But now they are using #4. You can't leave reviews on the Google Play store without registering anymore!

Edit: This might also be helpful http://android-developers.blogspot.ca/2013/01/verifying-back-end-calls-from-android.html?m=1

+4
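
The per-account and per-IP rate limiting suggested in the answer above, as an added example that is not part of the original post. The `hits` table, the function names and the limits (5 per minute per account, 30 per minute per IP) are assumptions chosen for illustration, and the account id is assumed to come from a server-side session or verified login, not from a value the app sends about itself.

```php
<?php
declare(strict_types=1);

// Sliding-window limiter: at most $limit accepted hits per $windowSec for one key.
// Hypothetical helper; the key is a server-verified account id or the client IP.
function allowHit(PDO $db, string $key, int $limit, int $windowSec, int $now): bool
{
    $db->beginTransaction();
    try {
        // Forget hits that have left the window.
        $db->prepare('DELETE FROM hits WHERE k = ? AND ts <= ?')
           ->execute([$key, $now - $windowSec]);
        $count = $db->prepare('SELECT COUNT(*) FROM hits WHERE k = ?');
        $count->execute([$key]);
        $allowed = (int) $count->fetchColumn() < $limit;
        if ($allowed) {
            // Only accepted requests consume quota.
            $db->prepare('INSERT INTO hits (k, ts) VALUES (?, ?)')
               ->execute([$key, $now]);
        }
        $db->commit();
        return $allowed;
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
}

// Feedback is stored only if both the account and the source IP are under
// their limits (assumed values: 5 per minute per account, 30 per minute per IP).
function acceptFeedback(PDO $db, string $accountId, string $ip, int $now): bool
{
    return allowHit($db, "acct:$accountId", 5, 60, $now)
        && allowHit($db, "ip:$ip", 30, 60, $now);
}

// Constructed demo: in-memory SQLite, one account sending 7 POSTs in 7 seconds.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE hits (k TEXT NOT NULL, ts INTEGER NOT NULL)');
$db->exec('CREATE INDEX hits_k_ts ON hits (k, ts)');

for ($i = 0; $i < 7; $i++) {
    $ok = acceptFeedback($db, 'user-123', '203.0.113.7', 1000 + $i);
    echo 'POST ', $i + 1, ': ', $ok ? 'accepted' : '429 Too Many Requests', PHP_EOL;
}
// After the whole window has elapsed, the same account is accepted again.
var_dump(acceptFeedback($db, 'user-123', '203.0.113.7', 1000 + 70));
```

In a real endpoint `$now` would be `time()` and the IP would be taken from `$_SERVER['REMOTE_ADDR']`; both are passed in here so the demo is deterministic.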

