Astonished. How can someone be so sure about a code when even tech giants aren’t?
Hi Kumar, Which tool have you used to intercept requests? Emulator? Real Device? Rooted? Without knowing it we can’t update this extension further for preventing such hacks.
Wow, how did you hack this? Can you please tell the tools and method you used, and which method this app used to secure?
@BharatTech You created a useful extension, but the encryption method is insecure, as @Sumit and @Kumar obtained the keys even after they were encrypted by your extension in your app. Do not take this as a negative, etc. The thing is, we can say here that your extension is doing the work as stated in the title, but it is not actually doing the work, so take this as a lesson, do some research, etc., and do not be so sure that it cannot be hacked.
And this community is not to fight and say, “Come hack the app.” Other developers are more experienced, so you should think about learning this so you do not make the same mistake in the future.
Aditya
Hi Aditya, the extension is working perfectly for data encryption within the app, meaning data cannot be hacked by reverse engineering the app (offline), but the thing is that API keys etc. for Airtable, Firebase and similar databases can be intercepted because we need to send this data to connect to the databases. After talking to Sumit I made some changes in the extension to detect rooted Android devices, but even so Kumar has intercepted the web requests. If you have any idea how to prevent this hack, kindly suggest what it will require and, if possible, create an extension to protect Airtable, Firebase and similar databases. ‘Calling to hack the app’ was required not for a fight but to get the attention of experienced developers, and I’m really very sorry if it hurt, because more experienced developers only then show their expertise. I’m a learner and always will be. Thanks, and please tell me how to protect our data over web requests.
I have not used the interception method; the app is still insecure.
I don’t require a rooted device to intercept the request, and I never told you to change anything in your extension, because there isn’t any way you can make such an extension that can protect API keys. All apps that use Airtable/FDB can be hacked and you can’t protect them with an extension or anything.
Without a secure backend, the app will always get hacked.
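The "secure backend" point above, as an added example that is not part of the original thread or anyone's extension: the database key stays on a server, the app only holds a short-lived per-user token, and the server decides what gets forwarded. All names, secrets, tables and the upstream URL are hypothetical placeholders.

```python
import hashlib
import hmac
import time

# All names and values below are constructed for illustration.
UPSTREAM_API_KEY = "key-PLACEHOLDER-never-shipped-in-app"  # lives only on the server
TOKEN_SECRET = b"server-side-signing-secret-PLACEHOLDER"
UPSTREAM_BASE = "https://upstream.example/v0"              # hypothetical database API
# Per-table allow-list: what an app user may do through the proxy.
ALLOWED = {"scores": {"read", "create"}, "profiles": {"read"}}


def _sign(payload):
    return hmac.new(TOKEN_SECRET, payload.encode(), hashlib.sha256).hexdigest()


def issue_token(user_id, ttl=900, now=None):
    """Issued after login; the app stores this instead of the database key."""
    expires = int((time.time() if now is None else now) + ttl)
    payload = f"{user_id}.{expires}"
    return f"{payload}.{_sign(payload)}"


def verify_token(token, now=None):
    """Return the user id for a valid, unexpired token, else None."""
    try:
        user_id, expires, sig = token.rsplit(".", 2)
        expires = int(expires)
    except ValueError:
        return None
    expected = _sign(f"{user_id}.{expires}")
    # Constant-time comparison on bytes; a tampered token fails here.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    if (time.time() if now is None else now) >= expires:
        return None
    return user_id


def handle(token, table, action, now=None):
    """Decide what, if anything, is forwarded upstream for one app request."""
    user_id = verify_token(token, now)
    if user_id is None:
        return {"status": 401, "error": "invalid or expired token"}
    if action not in ALLOWED.get(table, set()):
        return {"status": 403, "error": "operation not allowed"}
    # The key is attached here, server-side; the app never sees it.
    return {"status": 200, "upstream": {
        "url": f"{UPSTREAM_BASE}/{table}",
        "headers": {"Authorization": f"Bearer {UPSTREAM_API_KEY}"},
        "scope": {"owner": user_id},  # rows limited to the caller
    }}
```

Intercepting the app's traffic then yields only one user's expiring token, which the server limits to the allow-listed operations on that user's own rows.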
So @BharatTech now you know, as @Sumit and @Kumar already told
Points to be noted
and about
here I don’t have any idea
How can we secure our app’s backend?
Do some research. Don’t copy-paste an (article/Google/GPT) response.
Encrypting API key and some other things in client side be like
@Sumit Hey Alien! How are you?
Do you know what a backend is? Firebase and Airtable aren’t a backend.
I know that. Just tell me, is Firebase/Airtable always hackable?
Airtable Yes in 100% cases.
FDB Yes in 99% cases.
How to secure MySQL database in both backend and hide URL in blocks part? Does anyone have an idea?