General Questions
How can I report a bug?
In case CodeInspect encounters a problem, you will be prompted whether you want to submit an anonymized error message directly to our development team. Reporting errors is completely optional.
What are the hardware requirements for CodeInspect?
CodeInspect can be memory-intensive when importing or debugging large Android application. We therefore recommend to use a computer with at least 6 GB of physical memory and a 2-core 2 GHz processor for productive use. Keep in mind that for debugging on an Android emulator, the emulator itself also requires memory. If you are running Windows and want to take advantage of the Android emulator's hardware acceleration while debugging with CodeInspect, you need a CPU that supports Intel's virtualization technology.
Which technology is CodeInspect based on?
The user interface of CodeInspect is based on Eclipse RCP. The interaction with Android emulators and phones is based on the Android Developer Tools (ADT) for Eclipse. All components that implement CodeInspect's core functionality are built upon results from cutting-edge academic research: The program analysis components are based on the Soot framework and the data flow analysis plugin is based on the FlowDroid open-source data flow solver. We constantly integrate results and findings from research to improve CodeInspect.
Which Android versions does CodeInspect support?
With CodeInspect, all apps can be analyzed, regardless of the Android version for which they were built. This includes debugging and changing the app code.
Do I need administrator / root privileges to install CodeInspect?
To install CodeInspect, you only need to download the archive (zip / tar.gz file) for your respective platform, extract it, and run the CodeInspect binary. No modifications to your system required. Therefore, you can run CodeInspect even if you do not have administrator / root privileges on your system.
Free Demo
Who can obtain a free demo license?
Free demo licenses are available to all people interested in CodeInspect or one of its plugins. This offer is not limited to commercial or academic users.
How does the free demo license compare to the full product?
The free demo license enables all the features of the CodeInspect software product for a limited amount of time. There are no restrictions on the number of APK files you can analyze or what you can do with these APK files inside the CodeInspect IDE. If you acquire a free demo license for a plugin, the same rules apply: The plugin is fully usable for a limited amount of time.
How can I upgrade from a free demo to a paid version?
Upgrading is easy. You do not need to re-install anything, but can simply enter your retail license key into the CodeInspect licensing window and continue using the product as usual.
Plugins
How does the CodeInspect data flow plugin compare to the FlowDroid open-source project?
CodeInspect's data flow visualization plugin is built upon the FlowDroid open-source data flow tracker. While the open-source components only provide a programming API and a simplistic command-line interface, the integration into CodeInspect offers an intuitive and interactive user interface. Analyses can be started and configured using Eclipse's "Run Configurations" dialog and the results are depicted in UML-like diagrams. The analyst can inspect the data flow path and jump directly into the respective parts of the code.
Debugging
Can apps be debugged on non-rooted phones?
Yes. CodeInspect allows users to debug applications on both the emulator and on real devices. The real devices generally don't need to be rooted. However, USB debugging must be enabled in the phone's developer options.
Does CodeInspect support AOSP debugging?
Yes. If you debug an app in CodeInspect and step into a library function of the Android Open Source Project (AOSP) such as SmsManager.sendTextMessage(), CodeInspect will continue the debugging session inside the Android source code. All debugging features (step into, step over, view variable values, etc.) are available as usual. Once you leave the library function, CodeInspect will automatically resume the normal app debugging. For this feature to work, you only need to have the Android source code of the respective Android OS version installed on your machine.
On which emulator can CodeInspect debug apps?
CodeInspect can debug apps on the normal Android emulator for all supported target platforms (x86, ARM, MIPS) as well as the Genymotion emulator.
Fraunhofer SIT
Institute for Secure Information Technology
Dr. Steven Arzt
Rheinstraße 75
64295 Darmstadt
Tel. +49 6151 869-213
helpdesk[at]codeinspect.de
