sdphil wrote: > I want to hide some info (encryption keys) in a private area.
The best answer: the private area is the user's brain. > I know > there are a lot of threads on the topic and from what i can tell - it > basically comes down to - there's no security :-) just kidding. > > It seems like the data you have in your private area -- > > /data/data/com.company.product/files > > is only accessible to your application, so it would be sufficient to > store anything (like encryption keys for example) in just plain text > files there if you wanted. > > the big drawback of doing this though is that a "rooted" phone would > be able to access that area -- therefore, no security. > > does "copy protection" solve this problem? I am not aware of any copy protection that solves this problem. And if you mean "copy protect" on the Android Market, that causes more problems than it solves, IMHO. > Would a "rooted" phone then be able to grab and install > the .apk file (and ultimately gain access to the app-private area)? I don't have a rooted device, but I presume the answer is yes. > Seems like someone somewhere has to have solved this problem. Seriously? Security is pretty much toast on anything if the one who wants to get past the security gets their hands on the hardware. This is why DRM tends to be broken. sometimes very quickly -- DRM providers are attempting to do the same thing you are. You cannot have the algorithm and the key both in something that can be read by software, plain and simple. -- Mark Murphy (a Commons Guy) http://commonsware.com | http://twitter.com/commonsguy _Android Programming Tutorials_ Version 1.0 In Print!
-- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
