Android security: how secure is the app's personal data?

I have an application that stores sensitive information in a file located in the application's personal data folder.

I would like to know how safe it is.

As far as I know on an android device, other apps cannot access this file.

Assuming:

  • device is not rooted
  • the lock screen has password protection
  • a hacker has stolen this device and really wants to get this file

What tricks are there to get this file somehow? I mean:

  • Is it possible to root the device (in this case) and then get that file?
  • Can a hacker physically extract the flash chip from the device and then analyze it with some tool? Does Android provide encryption to prevent this?
  • Are there other ways to get this file?

Is it even possible to completely protect this file? Perhaps the application might have an autostart service that monitors the root status. If the device becomes rooted, the service immediately deletes the file.

Thanks!

+3

2 answers


Is it possible to root the device (in this case) and then get that file?

Yes, assuming:

  • the hacker can reset the password, and
  • the device can be rooted at all (not every device has a known recipe for getting root)

Can a hacker physically remove the flash chip from the device and then analyze it with some tool?

In theory, though it wouldn't be easy to do without physical damage.

Does Android support any encryption to prevent this?

Android offers full disk encryption, which is enabled by default on newer Android 5.0 devices. Full disk encryption can also be turned on on older Android devices; Android 5.0 seems to be stronger in this regard, although only time will tell whether it also has drawbacks.

Is it even possible to completely protect this file?

Don't put the file on the device in the first place.

Or, encrypt it yourself, with a passphrase that the user knows and that is strong enough. You end up getting to the point where a $5 wrench is a more viable approach than trying to hack the device.

Perhaps the application might have an autorun service that monitors the root status. If the device goes rooted, the service immediately deletes the file.

Your application fails under some of these circumstances, in part because the OS isn't working normally.

In addition, even if your application is running, an attacker will simply force-stop it from settings after walking past the lock screen and before trying to set up root access.

And that assumes that your application knows all the possible ways to detect root access, which seems unlikely.

My application needs to read and write this file, so encryption is useless from a hacker's point of view

Only if your application needs to "read and write this file" without a user providing the passphrase. In this case, your only absolute protection is not to have a file. Anything else just slows down the attacks, but cannot stop them.

+1
On an unrooted device, applications are isolated at the process and file system level. Each application gets its own file system space that is available only to it. The application can choose to make a file world-readable/writable, but by default files are not. However, as noted in some of the comments and in your original post, if a device is rooted, an attacker can access files almost anywhere on the filesystem. Android 5.0 mitigates this by allowing full enforcement of SELinux policies, so if a privileged system process is abused, it is still restricted by SELinux policy.

That being said, it is best to assume that once your data enters the file system, it can be read if it is not secured. You can use the javax.crypto packages to encrypt the file data. Your best bet is to protect it with a password that is properly hashed (PBKDF2) to create a key for the file, not a key hardcoded in your application. There are many articles on the best approach to this.

Please note that the Android 5.0 "encrypted file system" does not solve this. What the encrypted file system provides is protection of the data partition when the device is turned on. The user-supplied password is used at boot time to mount the encrypted partition (just like encrypted volumes on any OS). Once mounted, it looks just like any other mounted filesystem.

+1