Encrypt your data when writing to DB and decrypt when you read. Might make ur app a tiny bit slower but you might be better off.
On Oct 27, 6:25 pm, Byron Penner <[email protected]> wrote: > In cases where u absolutly need to maintain secure data obfusticate > the data before sasving to the db. At least this requires the thief to > go into the apk to find the algo to dycrypt the data. > > On Oct 27, 8:13 pm, swgillan <[email protected]> wrote: > > > > > > > > > Hello, > > > I have seen a few discussions on this, but I just wanted to see if > > there has been anything new. > > > Currently, a rooted phone can access the /data/data/ > > com.your.company.here/ path. Insides are all the wonderful areas like > > databases, files, and preferences. In fact, I was actually horrified > > to see that I could browse all the apps data on my development phone. > > > Is there a way to protect someone from accessing these (ie, password > > protect the database from shell access)? > > > My issue is specifically in the database. While there isn't anything > > regarding passwords stored inside, there is some intellectual property > > in terms of the actual data and schema that could make it easier for > > people to copy what my application does. > > > My solution right now is to clear the particular tables I don't want > > people seeing in the database in onDestroy (when the user exits), or > > more accurately in onPause() with isFinishing(). Every time the > > application is launched the database is repopulated, so I am not > > worried about losing any data. I do realize that this isn't foolproof, > > but it seems to be better then nothing. > > > Is there a better way? > > > Regards, > > > Steven Gillan -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
