Fiddler is an awesome tool and helps do a lot of things for a developer. And at the same time you might be a little worried about someone running Fiddler to intercept the network activity from your app. If you have used Fiddler yourself, you will know what the risk is. For instance, if the app deals with Banking, running Fiddler will expose the information about the Web Services used by the app and what is the communication between app and the service.
Luckily there is a way you we can detect if Fiddler is running on the machine the app is running, or at least a way to detect chances of Fiddler running. Below code snippet shows how to do it. It will work in all Windows Store Apps (also in desktop apps).
In case of Windows Phone, things are a bit different. There are very less chances of having a Loopback proxy, and there is no Fiddler like tool for a Windows Phone to the best of my knowledge. However, an user can set phone’s proxy to a Computer on same network and run Fiddler on that machine. Now the only option to avoid the user from intercepting a Windows Phone’s communication is to restrict the user from using the app in case of any proxy is configured. The above code will work in Windows Phone as well.
Comments and feedback welcome! If there is any better way we can do this, please leave it in comments!