On Saturday, April 7, 2012 9:25:54 AM UTC-4, Hendrik Boom wrote:
>
> However, almost all of the apps on the app store demand read and write
> access to sdcard, and many also want complete internet access. Now quite
> a few documents are *not* to be made freely available worldwide, such as
> confidential information and copyrighted works. How can I control this?
>

You shouldn't store confidential information on the sdcard, at least not in a form that isn't encrypted to make it uniquely readable by the associated application (i.e., not transparent whole-disk encryption, but encryption done explicitly by the owning application).

There's also a private files area available to each app - historically this has been on a more size-limited partition, so bulk data has tended to go on the sdcard instead, but that distinction is less important going forward.

At the moment, protecting app data is basically a task for the authors of the apps that are going to handle confidential information - they need to either keep that information in the private storage area, or encrypt it if placed on the shared external area. There is speculation that Android itself may eventually offer mechanisms for placing somewhat restricted content on the sdcard, but not yet.

> On my regular Linux box, I keep them in my personal file tree, with my
> personal user ID, and I disallow group and world read rights. Even my
> web server can't read them then.
>

No, but any "app" run under your userid - which would be most of the interactive programs you run on your desktop - can. How well do you really know what your desktop applications are up to? That's a point of comparison that's often been made when the "apps can steal your photos!!!!!" news articles come out. However, there can be a difference in that users may have a higher standard for the quality and provenance of applications run on their desktop than on their mobile.

Also keep in mind that both Android and your desktop Linux rely on the kernel's userid segregation remaining intact, and not being subverted or bypassed by something running at a privileged level. With hidden vendor-specific utilities of questionable quality and motives running at root privilege being found on many devices, it may not be only the 3rd party "apps" you need to worry about when deciding what type of information it would be appropriate to store on the device at all.

--
You received this message because you are subscribed to the Google Groups "Android Discuss" group.
To view this discussion on the web visit https://groups.google.com/d/msg/android-discuss/-/uG6B95tgxbEJ.