Yeah. You re right. Thank you .
On Thu, Jul 26, 2012 at 2:12 PM, Dominik Schürmann < [email protected]> wrote: > Hi, > > If you give root rights to an app you don't trust, it is not secure > anymore. It's same as on every operating system. > The same would happen on Windows, Linux, iOS. When an application has > root/superuser rights, it can do everything. > > But if you only give root rights to a small number of apps you trust, > disable usb debugging, restrict the physical access to your device, and > install the newest Android version you are mostly save. > > > Regards > Dominik > > On 26.07.2012 20:01, Guilherme Ramos wrote: > > And is this possible in the latest versions (ICS, Jelly Bean)? > > > > If so, Android is not secure at all. > > :( > > > > > > > > > > On Thu, Jul 26, 2012 at 1:55 PM, Dominik Schürmann < > > [email protected]> wrote: > > > >> On 26.07.2012 19:47, Guilherme Ramos wrote: > >>> Can I consider the SQL database available on Android as a secure > >>> information storage for my application? > >>> I heard If one root the device one can access the whole database > without > >>> dificulty. Is that correct? > >> > >> Hi, > >> > >> yes that is right. > >> You can use SQLCipher ( https://guardianproject.info/code/sqlcipher/ ) > >> but then you have to deal with key management. > >> > >> And even with SQLCipher: A root app can do everything, thus it can also > >> read the memory directly. When your SQLCipher db is opened your key will > >> be stored in memory. > >> > >> Regards > >> Dominik > >> > >> > > > > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
