Reputation: 157
Android Broadcast receiver for rooting device
I use RootTools library and RootTools.isRootAvailable() function to know if device is rooted or no. I use it when phone is Booted in broadcast receiver. If device is rooted I delete all my secure data.
Not long time ago I have seen video where user has root his phone, after installing 3 apps and do some manipulation in them. Interesting he has SU privileges and he see all aps data without reboot his phone.
My question how we can secure our apps data in phone, maybe Android has broadcast receiver on root access, maybe I must listen some other collections of receivers or we must generate service that will check root access in some period?
Upvotes: 1
Views: 748
Answers (1)
Reputation: 17755
There is no such thing as an event (Broadcast or other) that tells you 'The device has been rooted right now'. Even if it existed, it would be easy to defeat : just force-stop the application before rooting. By the way this also prevent your application to receive the
BOOT_COMPLETEDevent.There is no definitive protection against rooted devices. You cannot trust a compromised system to tell you that it has been compromised.
The best solution I can think of would be to
- Encrypt your beloved data, so they are useless without the secret key.
- Each time you need them, try to get some clue if the system is secure before decrypting them in memory.
this leaves the problem of hiding the secret key (if you don't want to ask the user)
Upvotes: 0
Related Questions
- Broadcast Receivers Android
- Android-Broadcast Receiver
- Android - How to use a local broadcast receiver?
- broadcast receiver android
- BroadCast receiver on boot
- Receive and Register a BroadcastReceiver
- Broadcast Receiver
- android register a permanent Broadcast Receiver
- Global Broadcast Receiver (Android)
- Using BroadcastReceiver