I read this sentence, form a book
"Files: Files internal to applications, which you can store on a
removable storage medium"
and I am confused, well I expect that "Files internal to applications" saved from my app that will be accessible only from my app. and that is true when you save them internally in the phone memory.
But as the sentence says , you can save files to the sdcard also. And that is great but I think that everyone with 'external storage read' privilege set in the manifest will be able to read your file, so that doesn't make it internal to the app, it makes it publicly available to everyone.
My question is:
Is there any way to store the files in the 'removable storage medium' -> sdcard and those files to stay available only to my app, others application to be prevented from reading the content ?
I know that if you put files in data/data//files these files are only available to the app with that package name
It is possible . For that you need to encrypt the data with some private key and write to SDCARD, when ever you want to process that data you have to decrypt it . So another app can't access your data without decrypt it.
Android Encryption Example.
store the files in the 'removable storage medium' -> sdcard and those files to stay available only to my app
I don't think so, For sdcard it is not possible.
The one way is store encrypted file in sdcard and key for it is you can put (keep) in your application's shared preference in private mode and decrypt the file from your application when you want to read it. But I think it some ugly way.
Related
I have a list of images referenced from the res/drawable folder. I realized that these images can be viewed from the compiled apk file when the file is opened with a file compressor program such as winrar. Is there a way to hide my images so that they can't be so easily accessed by snooping users?
The best option I see here is not saving your images inside the app. Instead, save them on your app server and get each image only when it's needed.
If your app don't have a server, you can save the images obfuscated inside your app (for example: base64 encoded or encrypted with a hard coded key). It won't stop a hacker but it will defend you from the common user.
From your comments it sounds like you want to use Internal Storage.
From the above link:
You can save files directly on the device's internal storage. By
default, files saved to the internal storage are private to your
application and other applications cannot access them (nor can the
user). When the user uninstalls your application, these files are
removed.
Just google or search stackoverflow on how to use Internal Storage if you need more help outside the Android docs.
I am writing an app for my final year project, so it's more so for proof of concept so it doesn't have to be the best app in the world.
It is like a file locker app that you can add and remove files from the app and when they are stored they will be encrypted. There will be a login of some sort for the user to enter and be verified on a DB.
I am still a novice in android so I still have a way to go, but I am getting there!
I was thinking when the file (which could be a doc, pdf, jpg, video file etc) is added to the app it would be stored in the internal storage (from what I have read it seems to be the best place to store app related content) and a record of the name and file type would be added to the DB and also the encrypted file name. So when the user looks at the app they will see a thumbnail of the pic and the file name, kinda like the My Files app shows up files within a folder.
My question is it best not to store the file directly into the DB but just use the DB as a reference with the file details, if so how could this be done?
Also I was thinking that an AES 128bit encryption method would be best suited for this. I have tried a couple of encryption examples but have only been able to do this with a txt file, when i tried it with a jpg the app just sat there and did nothing. It showed the encrypted and decrypted jpg but this was not viewable.
Would anyone be able to suggest a good way of encrypting any file type that would suit for my app?
Any help would be greatly appreciated!
Cheers,
Owen
If you want to do this properly, here are a few tips:
Don't store files in the database, unless you know in advance that they're going to be really titchy. Store them somewhere else, with a reference to them in the database.
The best place for them if they're smallish is internal storage in the app's private file space. But if you want to be able to store encrypted arbitrary data then you'll need to hit external storage.
Don't store the decryption key!
Ideally, you should find a way not to write the file anywhere when you decrypt it. That might not be possible, though, if you need to open it in another application afterwards. If you write the encrypted files to external storage, you should at the very least write the decrypted version to internal storage where there's some operating system protection against other apps reading it. If you write the decrypted file to external storage, anything will be able to get at it.
AES with a 128-bit key will do you fine.
I want to store media files in an external storage creating a folder . The folder is secured using a password and accessible by my app only. The user is allowed to create its own password. Any suggestions how to do this??
I don't think your approach is possible. Maybe you should think about encrypting the file contents, so that only your app will be able do access the actual content after decryption.
Encrypting files is not a solution! This only creates potential file loss and problems later. Also, it is slow and you rely on the app that encrypted the files to unencrypt them later. What if that app dies or is not longer available? You have lost your files.
External storage such as the SD card has no permissions associated with it. The closest you could do is to store your data in some encrypted form and as per requirement you can decrypt it also.
This is the link for how you can encrypt and decrypt your file.
We are trying to create an app which will download eBook from server and store it locally on sdcard. We tried to DRM eBooks, after we download an eBook the DRM will take care of the security of the eBook. But later due to some reasons we left the DRM concept. Now I want to know whether we can store the eBook securely in the sdcard. The user cannot do any operations in the file other than viewing. Can we store the file in some other location where the user cannot view the file at all. In iOS we can download the file inside the Bundle itself, but for android???. We tried storing the pdf as a BLOB file in DB and tried to read it from there, in that case also we need to write the file and then read it. I am really confused on this Issue, can someone suggest me a good approach on how to proceed further. Any help would be really appreciable.
Personally I've avoid the SDcard given it's pretty much open to all apps, as #commonsWare mentions having it internal storage offers the Android app sandbox security.
Have you considered IOCipher from the excellent guys at the guardian project it's build on SQLCipher and it allow you to create a encrypted virtual disk. The part I love about it is that it's a clone of the java.io libraries so you should only have minimal code changes.
Files stored on the external storage are easy to read by other applications or from user's PC. You might need to encrypt your files if you don't want anybody else to get access. Well encrypted files can be places anywhere in the system without any risks of being read.
Storing files on the internal storage in your case does not sound good, because there are still too many devices out there with the limited amount of internal storage, where every megabyte counts.
Can we store the file in some other location where the user cannot view the file at all.
Not on external storage. You can put the book on internal storage, in which case only rooted device users would have access to it outside of your app.
i) keep the files encrypted which are important to you.
ii) decrypt the files and move to the internal storage during runtime.
iii) Access your files only from internal storage.
Following these things will keep your file and method calling safe as they are accessible only to internal storage.
Example:(access moved assets files from internal storage )
file:///android_asset/ => file:///data/data/com.test.exmple/files/"
You can also try tools like quixxi that do this for you transparently.
I have an app which takes pictures and saves them to sd, problem is that picture modification (delete,rename,ecc.) should be done just throught the app so I need a way to make the pictures folder not accessible to user...is it possible?
The only way is to encrypt the files that you store. There is no way to prevent users mount the sdcard to access every file stored in it.
In the common Android architecture the SD-Card is formatted using FAT32 filesystem. As FAT32 does not support any access control mechanisms you can not rely on that.
Therefore the only possibility is encryption. Create an encryption key and store in the private app data folder. Then use it for encrypting the privacy sensitive files you want to store on the SD-card.