Do App Store reviewers see the actual CODE of you application?
Just wondering if they have any visibiltiy into the actual code you write? I would imagine they don't since apps like Yelp sometimes have easter eggs in em.
Just wondering if they have any visibiltiy into the actual code you write? I would imagine they don't since apps like Yelp sometimes have easter eggs in em.
Does anyone know for sure?
The complex answer is yes. The reviewer may not but the files you send contain everything they need to decompile and or review your code. And if you would like to see what i mean, compile an app as if you were going to send it to the review process. Then right click on your app in the xcode product folder in the left hand column in xcode as if you were going to compress it and send it in and reveal in finder. Then right click on the app in the finder and click on show package contents. In this folder is everything that belongs to your app. code, images, and all. Then all you need is the knowledge to decompile it and see what is there.
In the review process the code scanning is done by computers checking if you have used any undocumented API's and or code then it is passed on to the reviewers for the content review.
I have to disagree with you masc2279, any binary can be "decompiled". The result won't be pretty and will be pretty hard to read in most cases. Short answer is no they don't see your actual source code but they can analyse the behavior of your application with various tools.
__________________ My Games: My Blog 13" Macbook Air 1.7Ghz Core i5, 4GB DDR3, Intel HD Graphics 3000 iPhone 4S - PSPGo - 3DS - Wii - PS3 - 360
I have to disagree with you masc2279, any binary can be "decompiled". The result won't be pretty and will be pretty hard to read in most cases. Short answer is no they don't see your actual source code but they can analyse the behavior of your application with various tools.
On a closely related note... you probably want to make sure that all of your debug symbols are stripped from your code (if this really worries you, or just to make your binary as small as possible). I don't know if just compiling in release mode does this for you, or if you have to add any extra flags.
The complex answer is yes. The reviewer may not but the files you send contain everything they need to decompile and or review your code. And if you would like to see what i mean, compile an app as if you were going to send it to the review process. Then right click on your app in the xcode product folder in the left hand column in xcode as if you were going to compress it and send it in and reveal in finder. Then right click on the app in the finder and click on show package contents. In this folder is everything that belongs to your app. code, images, and all. Then all you need is the knowledge to decompile it and see what is there.
In the review process the code scanning is done by computers checking if you have used any undocumented API's and or code then it is passed on to the reviewers for the content review.
Hope this helps.
Wrong. They can open the app bundle, but they can't decompile the binary. Even if they could, appstore reviews aren't programmers, much less can they read ARM assembly.
Wrong. They can open the app bundle, but they can't decompile the binary. Even if they could, appstore reviews aren't programmers, much less can they read ARM assembly.
I never said the review had the knowledge to do so. But they do have everything they need to do so inside the package.
They don't actually receive your code(objective C) though do they? Wouldn't they receive in it assembly code or something? I mean a compiler brings your code to lower levels for you when you use it right?
They don't actually receive your code(objective C) though do they? Wouldn't they receive in it assembly code or something? I mean a compiler brings your code to lower levels for you when you use it right?
No they do not have your code directly they do have the compiled files which can be decompiled apple does have the tools to do so easily.
No they do not have your code directly they do have the compiled files which can be decompiled apple does have the tools to do so easily.
Ok that makes sense. A lot would definitely be up for interpretation for the decompiler I'm sure, the exact same program with the exact same functionality could be coded in millions of ways in Objective C(or another high level language).
Apple has exactly the same chances seeing our sources codes as we have seeing MAC OS source codes. They are all compiled with the same open-source gcc. Just make sure to strip the debugging information.
Now, with Objective C and with it's archaic messaging mechanism the framework has to know the class and method names, so all your Objective C names are stored in the binary file.
I use C++ mostly (ObjC only to talk to framework) - none of the source codes or names or anything like that goes into binary. You have to turn of RTTI though..
Regarding disassembling - you can of course see the assembly code. There are some C decompilers - they generate somewhat readable code, but it's not your source code. Of course if Apple engineers want to know what exactly your app does - they can reverse engineer it and figure it out. If they suspect that you planted some malicious code, they are capable of catching you, but it's a tedious and time consuming work.
__________________ Game Pack - All-in-1 Game Pack Shinro - A combination of Minesweeper and Sudoku Nibbles - Remake of a classic snake game Hooptie Browser - Humorous web filter
there is no easy way to decompile a program. Even Apple does not have magic tools
also I heard once that reverse engineering of other people's code is illegal in USA
From my experience with C++, decompiling that would turn into assembly code so apply the same principle here, Obj C decompiled = assembly thus meaning all the classes, objects and syntax used in Obj C but not found in assembly will be very screwed up.
there is no easy way to decompile a program. Even Apple does not have magic tools
Actually it's easy. Apple doesn't have any magic tools at all, they use open-source compilers and there are plenty of tools out there. Studying the program and understanding what it does is harder, but nothing is impossible. But again - you get some program generated code, not the actual source code.
Quote:
also I heard once that reverse engineering of other people's code is illegal in USA
Reverse engineering is absolutely legal in the US. Otherwise all those anti-virus, anti-trojan writing companies would never leave the court rooms. They have to reverse engineer every virus and every trojan before writing anti-virus for that.
There were plenty of books on DOS and Windows with information obtained by reverse engineering. The authors would be in jail. The Linux SAMBA project is done by reverse engineering of MS protocols, NTFS drivers for Linux are results of reverse engineering. The examples are countless.
It's just, yeah... Apple doesn't really care. The app is running in the sandbox, so you can't really do much. Why would they bother reverse engineering somebody's app?
__________________ Game Pack - All-in-1 Game Pack Shinro - A combination of Minesweeper and Sudoku Nibbles - Remake of a classic snake game Hooptie Browser - Humorous web filter
Do App Store reviewers see the actual CODE of you application?
Linear Mode
