Reputation: 981
Secure application data
Is is possible to restrict user, from accessing any application data, like SQLite db file, shared pref. file..etc. I have restricted it to certain level. But still, user can access these file, if he boots the device as root user, or super user.
What needs to be done, to restrict the user from accessing my secure application data?
Upvotes: 2
Views: 161
Answers (2)
Reputation: 1600
I saw a blog on this somewhere (I'll get the link if I can find it), but basically, there's nothing you can do. The blog author says that whatever data you put on a user's device is now theirs, and if they want at it bad enough, they're going to get it. A root user has access to everything on the device. That's what rooting is supposed to do.
The only way to really protect your data is to pull it from a secured server and not cache it, which is the only way you should be doing it, if you want to keep something from your user.
Found the blog post, suitably titled, "It's the User's Data, Dammit." http://commonsware.com/blog/2012/05/01/its-the-users-data-dammit.html
You should really subscribe to this guy's blog. He's got some good stuff on there. (No, I'm not plugging. I wish I could be this guy.)
Upvotes: 4
Reputation: 59731
If the phone is rooted there is little you can do to stop access to files stored on the device.
The best you can do is encrypt the data written to the file or the fields in the database using a key that the user has to enter every time they start the app.
Upvotes: 0
Related Questions
- Best way to secure Android app sensitive Data?
- How to secure information in Android
- Security in the android application
- Security in Android Application
- saving, reading and securing data of apps directory in android
- Android store user data securely
- Storing secure data in android
- Security in mobile application
- Secure of Android app content
- Prevent root access to my application files