Based on this, is your perspective that Andrei is correct that "basically storing private data on the phone is actually impossible?"
My goal is not even store the data, but to have one time access for the application to a secure piece of data. The suggestion about being careful about where to put the encryption key, " get it over the network, only keep it in RAM, never let it be written to storage," does not seem to address decompiling the .dex file. The key would be put into RAM by the program that can be decompiled. I am not typically a paranoid regarding security, but this seems like it should be a legitimate concern. I'd like to be wrong about that. If this is a theoretical, but unlikely scenario that would be great. Carmen On Tue, Sep 15, 2009 at 12:58 PM, Yusuf Saib (T-Mobile USA) < yusuf.s...@t-mobile.com> wrote: > > You say that like it's a bad thing. Re-discovery worked well enough > for Columbus. > > > Yusuf Saib > Android > ·T· · ·Mobile· stick together > The views, opinions and statements in this email are those of the > author solely in their individual capacity, and do not necessarily > represent those of T-Mobile USA, Inc. > > > > On Sep 15, 9:11 am, Chris Stratton <cs07...@gmail.com> wrote: > > On Sep 15, 10:38 am, Carmen Delessio <carmendeles...@gmail.com> wrote: > > > > > I want > > > to get a handle on implementing security in an enviroment where: > > > > > 1. Developers can have a rooted phone > > > 2. Developers can decompile your code > > > > You have just re-discovered why security in a network environment > > starts with the premise that a server cannot trust a client > > computer, > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
