Is _G easily viewed by potential hackers?

I’m developing an app that contains sensitive information. I know that there are strong safeguards in place to protect the source code of any app, however, if a hacker did try to sneak out information during runtime, would the _G variable be the most obvious and easily accessible? I’m hesitant to put sensitive information into the global environment variable.

Does anybody have any info or insight into this?

Should I try and incorporate the vaguely-documented crypto library (I barely even understand what that is).

-Matt
W2MD [import]uid: 10211 topic_id: 22864 reply_id: 322864[/import]

Any program residing on a device that contains sensitive information is subject to access by hackers if they have access to the physical device. The casual user would not see this information and it would require someone highly skilled to access it.

The best thing to do is encrypt sensitive data stored in your code and any data stored in files associated with the program.

Corona provides hashing functions for getting a digital signature for data, but no APIs for encrypting data. You can do a Google search for encryption algorithms and also find Lua bit libraries to create the encryption code.

It’s a bit safer if the sensitive information is on a remote server and a SSL connection is used.

One caution about using encryption on the device in the US. When you submit your app to the iTunes App store you have to disclose that you are using encryption and subject to US exporting rules. [import]uid: 7559 topic_id: 22864 reply_id: 91519[/import]

Cool. Thanks Tom! [import]uid: 10211 topic_id: 22864 reply_id: 91565[/import]