Hello, I'm developing an app which is passing some confidential info to a few services (WifiManager and AccountManager to be precise) in plaintext form. Can someone please let me know how easy or difficult it is for hacking the Context of an app and spoof these services? I'm essentially looking at avoiding information disclosure attack in my app.
And also, is there any recommended best practice in Java/Android world when it comes to handling user's confidential data in your app. I was looking for something like .NET's SecureString equivalent, but couldn't find any yet. -- Thanks Narendran -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
