Hi, If you give root rights to an app you don't trust, it is not secure anymore. It's same as on every operating system. The same would happen on Windows, Linux, iOS. When an application has root/superuser rights, it can do everything.
But if you only give root rights to a small number of apps you trust, disable usb debugging, restrict the physical access to your device, and install the newest Android version you are mostly save. Regards Dominik On 26.07.2012 20:01, Guilherme Ramos wrote: > And is this possible in the latest versions (ICS, Jelly Bean)? > > If so, Android is not secure at all. > :( > > > > > On Thu, Jul 26, 2012 at 1:55 PM, Dominik Schürmann < > [email protected]> wrote: > >> On 26.07.2012 19:47, Guilherme Ramos wrote: >>> Can I consider the SQL database available on Android as a secure >>> information storage for my application? >>> I heard If one root the device one can access the whole database without >>> dificulty. Is that correct? >> >> Hi, >> >> yes that is right. >> You can use SQLCipher ( https://guardianproject.info/code/sqlcipher/ ) >> but then you have to deal with key management. >> >> And even with SQLCipher: A root app can do everything, thus it can also >> read the memory directly. When your SQLCipher db is opened your key will >> be stored in memory. >> >> Regards >> Dominik >> >> >
signature.asc
Description: OpenPGP digital signature
