Details
-
SkillsHTML5, CSS3, JavaScript, PHP, Android, Python, Swift
-
LocationBuenos Aires, Argentina
-
Website
-
Github
Joined devRant on 9/4/2016
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
@sathley We don't need one ;)
-
On Windows, Chrome.
On Mac, IntelliJ IDEA. -
@nik123 enable offline gradle if your internet sucks
-
Qwerty
-
@randomCoder I upgraded to Windows 10 Education with college's free license, disabled telemetry using Group Policy Editor (this policy only works on Enterprise and Education), disabled Superfetch, Windows Search (only if the machine has an SSD) and Windows Update (enabling manually when I want to update).
As an extra you can use Spybot Anti-Beacon, but I think it's not necessary. -
I discovered the solution a month ago, I'm so happy now!
-
Join the dark side.
-
@Haxk20 try to avoid breaking phones like me and you're ready to go!
-
@CozyPlanes oh, I see. You can start making some money with your apps to show your dad that you can make good use of the dev accounts ;)
-
@CozyPlanes why?
-
-
@f03n1x you're welcome!
-
@f03n1x maybe it's not available for your country yet. Download the update from APKMirror: http://apkmirror.com/apk/...
-
@f03n1x nope, latest on Play Store is 2017.03.16
-
@f03n1x what's your app version?
-
You're using a very old version then. You probably disabled auto updates or installed the APK manually.
-
@skrilltrax this specific app needs root access 😉
-
@gitpush yeah, I've read it before posting. Now I'm used to it.
-
"sudo su".
Sorry, I'm deleting my account. -
"-20s"?
-
@ScribeOfGoD Windows updates have always been slow to install, on any computer. Not my fault.
-
Pro tip: Don't.
-
Yeah, it's useless to me. Never typed sl by accident, so I never saw it unexpectedly :(
-
@jckimble people don't care if the app is on the latest version or not
-
@jckimble oh, WhatsApp uses a very good configuration of Proguard too, and it's easy to modify. Every class and method has a different name each release. But the code inside a method doesn't change. I can search the code with some regex in the entire project, and I always find it.
-
@jckimble if your original app sends it's hash I can modify it to send whatever I want, even your hash. And there's no problem if you update your app every week.
-
@jckimble WhatsApp has both, and I mainly modded their app. They combine the results of some checks like png logo checksum (because most people change it), signature, unique code per release (maybe the apk hash), and more. I just simple extract the result of that code with an Xposed module (taking the result of the method) and replacing it on the modified app. Simple as that. Android is insecure for developers.
Edit: you can see the source code of my modification here, if you're interested https://github.com/BrianValente/... -
@jckimble it's the hash of the signature, not of the APK. And there's no way to secure an Android app, there's always a way to bypass checks. I did it a lot of time with a lot of apps (I was a modder, not cracker), and it's easy.
Android developers listen carefully:
The only way to secure an app from modding/cracking is using Google authentication. Google Play Services checks if the signature is valid to log in. It's fairly simple, when the apps starts for the first time use the API to use the Google account logged on the device. It will give you an auth token. Everytime you want to connect to your server send the token too, and check in your server if the token is valid using the Google API. Also set an short expiry time (cracker can just extract your token with Xposed or shared prefs and replace it in the decompiled app), or check if it's being used by multiple devices and/or multiple IPs. -
@basanth get the signature of the app and check if it's yours. I did the check in one of my mods, line 402 https://github.com/BrianValente/...
The if code was deleted, but the code is understandable.
You need your own hash. -
@CozyPlanes shows the dialog if the signature changed (the app has been decompiled, modified, and recompiled)