开发者

Is there any way to protect data inside SD card?

开发者 https://www.devze.com 2023-04-05 09:09 出处:网络
As we all know internal storage is not the right place to store big data in Android for many reasons that\'s why we should rely on SD card. My app needs to store a lot of small videos and images in a

As we all know internal storage is not the right place to store big data in Android for many reasons that's why we should rely on SD card. My app needs to store a lot of small videos and images in a cache folder, for this reason im using the standard "/sdcard/Android/cache" directory.

Problem is that internal storage is not that easy to read SDcard instead is easily readable and mountable elsewhere.

My idea is to override Input and Output File 开发者_如何学Gostream classes to introduce a xor operator or some other easy "scrambling" code. Would this be a good idea? Is there any better solution which does not add a lot of overhead?


You could always try to encrypt the data. There's a good response here that you might want to look at:

Is there a way to securely store user data on an Android device?


If you have a lot of images you must have a DB backend, you just need to create a, don't know, 32 chars key for every image and then when you write the files in cache split that key in 4/6/8 and write 4/6/8 files instead of one.

In this way it won't be that easy to read the data because you must know which are the chunks and the chunks order is on the DB which is stored on intenrnal dir.

No overhead at all.


Since the file system is more than likely fat or fat32 protecting it permission based way would be more convoluted.

If you are storing flat text files I'd suggest finding a complex algorithm to encode and decode along with several 'passes'. It won't be too secure however.

If you can change or convert the file system you may open up some options. You could use efs from ms. But that works if you convert the volume to ntfs. I'm sure android can't read that file system. Especially with efs.


I recommend that you encrypt the data, and store the key in private storage.

Don't use xor or some similar half-baked thing. That will be trivially decryptable.

0

精彩评论

暂无评论...
验证码 换一张
取 消