Android Security and Privacy
Android security and privacy: encryption, keystore, biometrics, SSL/TLS, obfuscation, and GDPR
1What's the difference between ProGuard and R8?
What's the difference between ProGuard and R8?
回答
R8 is the successor to ProGuard, integrated directly into the Android Gradle Plugin (from version 3.4+). It combines shrinking, obfuscation, and optimization in a single step, making it faster and more efficient. R8 is backward-compatible with ProGuard rules and enabled by default for release builds.
2What does code obfuscation do?
What does code obfuscation do?
回答
Code obfuscation renames classes, methods, and fields with short, meaningless names (a, b, c) to make reverse engineering significantly harder. It also helps reduce the APK size. It is configured through the proguard-rules.pro file.
3What is the Android Keystore System?
What is the Android Keystore System?
回答
The Android Keystore System securely stores cryptographic keys, either in hardware (TEE or Secure Element) or in a software container depending on the device. Generated keys cannot be extracted, enhancing security. It is used via KeyStore.getInstance("AndroidKeyStore") with KeyGenerator or KeyPairGenerator.
How to implement biometric authentication?
What is Certificate Pinning?
+15 面接問題