• Johanno@feddit.de
    link
    fedilink
    arrow-up
    5
    ·
    7 months ago

    This is why you obfuscate after you code. Just obfuscate the release build. And logging may at that point be thrown out of the window anyway

    • ObsidianNebula@sh.itjust.works
      link
      fedilink
      arrow-up
      8
      ·
      edit-2
      7 months ago

      It was obfuscated only in the release build. The issue is that they have a system to send certain logs to an API so they can refer to them if a user has an issue that needs further investigation. Unfortunately, their target audience is not very tech literate and have a hard time explaining how they got into a situation where they experienced a bug, so the remote logging was a way to allow us to try to retrace the user’s steps. Some of the logs that get sent to the API have JSON values converted from class data, will refer directly to class names, etc, and those logs had the obfuscated names.

      • Johanno@feddit.de
        link
        fedilink
        arrow-up
        4
        ·
        7 months ago

        Well then you are fucked.

        The question is if nobody else has access to the logs, then obfuscation is stupid