Hacker News new | past | comments | ask | show | jobs | submit login

If the app can access it (offline, on your device), then what stops a developer from using tools to extract the token from the device, either from wherever it's stored in memory or using an interactive debugger to extract it as the app requests it?



Nothing stops a (sufficiently motivated) developer from doing that. But it will stop a muggle.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: