I have a list of images referenced from the res/drawable folder. I realized that these images can be viewed from the compiled apk file when the file is opened with a file compressor program such as winrar. Is there a way to hide my images so that they can't be so easily accessed by snooping users?
The best option I see here is not saving your images inside the app. Instead, save them on your app server and get each image only when it's needed.
If your app don't have a server, you can save the images obfuscated inside your app (for example: base64 encoded or encrypted with a hard coded key). It won't stop a hacker but it will defend you from the common user.
From your comments it sounds like you want to use Internal Storage.
From the above link:
You can save files directly on the device's internal storage. By
default, files saved to the internal storage are private to your
application and other applications cannot access them (nor can the
user). When the user uninstalls your application, these files are
removed.
Just google or search stackoverflow on how to use Internal Storage if you need more help outside the Android docs.
Related
My question is pretty general; whenever an android app accesses internal storage environment path; its folder structure is created into device's "Android->Data->app_pakage".
Image files within this folder won't be viewed from gallery; which is fine.
There are lots of app which secures this files (Can't be opened directly from file manager);
Examples for this are music apps; they provide encoding of its downloaded files, so it can be accessed only from that app only. This encoding changes its extension
So my question is here, How this can be achieved?. I am looking for simplest solution, which don't require a high, complex encryption algorithms.
In-Short, I want to prevent users to access app files from file manager- internal storage
Please have a look at this link
https://developer.android.com/training/data-storage/files.html
Here there is detailed explanation.
To have files that can only be accessed from your app please use -
getFilesDir()
Returns a File representing an internal directory for your app.
Files saved here are accessible by only your app.
I have an app which takes pictures and saves them to sd, problem is that picture modification (delete,rename,ecc.) should be done just throught the app so I need a way to make the pictures folder not accessible to user...is it possible?
The only way is to encrypt the files that you store. There is no way to prevent users mount the sdcard to access every file stored in it.
In the common Android architecture the SD-Card is formatted using FAT32 filesystem. As FAT32 does not support any access control mechanisms you can not rely on that.
Therefore the only possibility is encryption. Create an encryption key and store in the private app data folder. Then use it for encrypting the privacy sensitive files you want to store on the SD-card.
I have a project consisting of four programs for different platforms; all of them use the same XML-based settings file format. I want to be able to manually modify/overwrite it outside of the application. On Windows, Windows Mobile and Linux I'm using "user.home", but on Android that alias isn't implemented. I'm thinking about simply putting it in the Downloads directory, however, that doesn't feel right.
I can't be the only one, who needs that kind of functionality. Or this isn't Android-way? Any suggestions are appreciated.
EDIT: I'm OK with the settings file not being available all the time (i.e. SD-card removed), it's used only on the start-up of the application.
Store it in getExternalFilesDir(). This would work only if the device has an external storage. The user would be able to access it.
However, take note of the following from the docs:
External files are not always available: they will disappear if the
user mounts the external storage on a computer or removes it. See the
APIs on Environment for information in the storage state.
According to Android data storage documentation you have 5 options:
Shared Preferences. By default this will use file /data/data/your.package.name/preferences/user_preferences.xml
Internal Storage. Here you can use something like /data/data/you.package.name/user.home
External Storage. Similar to internal storage /mnt/sdcard/Android/data/your.package.name/user.home, but if user removes memory card file will be inaccessible.
SQLiteDatabase. You can store the whole user.home file in a database blob.
NetworkConnection. Store user's config in a cloud.
I making an application with phonegap/cordova where I need to keep a lot of files up to date. Some files (mainly images) will need to be erased in time, and some new ones will get downloaded. The thing is, in Android, to manipulate those files, it seems I need to have them on the sdcard; so I copy the files the app starts with from my assets folder to the sdcard. It just seems like a waste of memory space.
Do you know if is there anyway I can start with the app having those files the app starts with already inside the sdcard? or at least somewhere I can delete them later?
Thank you.
Files that are delivered to the device as part of your APK will be stored in a form that cannot be modified by your application (other than by updating to a new version of the apk).
If you copy the files out of the APK into the private internal storage area or the external storage area, those copies can be modified, but the originals inside the apk will remain.
The most efficient solution may be to not put these files in your apk, but have your app instead download them separately on the first run, using whatever mechanism you wanted to use to change them in the future.
(Some people object to this feeling that such files are less secure against unauthorized use, but as the contents of an .apk are trivial to extract this is not a strong argument. Needing to maintain a server to download from is a slightly more substantial objection.)
You do not need to store the files on the SD Card. Each app has its own internal storage that is not accessible by any other apps. For more information see the official docs: http://developer.android.com/guide/topics/data/data-storage.html
I read this sentence, form a book
"Files: Files internal to applications, which you can store on a
removable storage medium"
and I am confused, well I expect that "Files internal to applications" saved from my app that will be accessible only from my app. and that is true when you save them internally in the phone memory.
But as the sentence says , you can save files to the sdcard also. And that is great but I think that everyone with 'external storage read' privilege set in the manifest will be able to read your file, so that doesn't make it internal to the app, it makes it publicly available to everyone.
My question is:
Is there any way to store the files in the 'removable storage medium' -> sdcard and those files to stay available only to my app, others application to be prevented from reading the content ?
I know that if you put files in data/data//files these files are only available to the app with that package name
It is possible . For that you need to encrypt the data with some private key and write to SDCARD, when ever you want to process that data you have to decrypt it . So another app can't access your data without decrypt it.
Android Encryption Example.
store the files in the 'removable storage medium' -> sdcard and those files to stay available only to my app
I don't think so, For sdcard it is not possible.
The one way is store encrypted file in sdcard and key for it is you can put (keep) in your application's shared preference in private mode and decrypt the file from your application when you want to read it. But I think it some ugly way.