So basically storing private data on the phone is actually impossible? I must implement a system that needs to store some information at some times in application lifetime. This information must not be deleted / modified in any way because of security issues (the user could trick the system). Is there a way to this on a rooted phone (I'm pretty sure it's not... but the question worths a shot)?
Thanks! On Tue, Sep 15, 2009 at 2:39 AM, Romain Guy <romain...@google.com> wrote: > > The content of shared preferences is, currently, stored in an XML file > in the data partition. Only your app has the permission to look into > the directory that contains the XML file but if your user has a rooted > phone then all bets are off. > > On Mon, Sep 14, 2009 at 4:10 PM, bkbonner <brian.bon...@paraware.com> > wrote: > > > > We want to store credentials for a user to a web service so the user > > doesn't have to repeatedly login, but we're concerned about security. > > We can't store a hash on the database, but we could probably use JCE > > encryption locally. > > > > Is the content in SharedPreferences secured on the Android device? > > > > Brian > > > > > > > > > -- > Romain Guy > Android framework engineer > romain...@android.com > > Note: please don't send private questions to me, as I don't have time > to provide private support. All such questions should be posted on > public forums, where I and others can see and answer them > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
