DEV Community

loading...

Discussion on: How to encrypt strings & files in your source code?

Collapse
moopet profile image
Ben Sinclair

Encrypting endpoints sounds like a bad idea to me. It's security through obfuscation, which is defeated by either sniffing the network traffic or running a debugger. If someone's prepared to look through your code to find an API endpoint, they're not going to be put off by that sort of thing, and hiding API endpoints sounds like a recipe for disaster - at the very least it implies that your API is insecure.

"obfuscare js strings" is a weird one. Malware does that, but I can't think of any legitimate reason a programmer would want to do it. Is this mainly a tool pitched at malware authors?

Thread Thread
bartosz profile image
Bartosz Wójcik Author

I have listed a good number of legitimate uses, why you didn't comment on those at all? You don't think there is a legitimate case for encrypting files or messages within your source codes? This tool is mainly dedicated to regular software developers who might need a simple encryption to hide stuff from prying eyes. If you think there is no point in doing that - you have the right to your own opinion.