And is this possible in the latest versions (ICS, Jelly Bean)? If so, Android is not secure at all. :(
On Thu, Jul 26, 2012 at 1:55 PM, Dominik Schürmann < [email protected]> wrote: > On 26.07.2012 19:47, Guilherme Ramos wrote: > > Can I consider the SQL database available on Android as a secure > > information storage for my application? > > I heard If one root the device one can access the whole database without > > dificulty. Is that correct? > > Hi, > > yes that is right. > You can use SQLCipher ( https://guardianproject.info/code/sqlcipher/ ) > but then you have to deal with key management. > > And even with SQLCipher: A root app can do everything, thus it can also > read the memory directly. When your SQLCipher db is opened your key will > be stored in memory. > > Regards > Dominik > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
