Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Assets Security in Android

How can we make Android assets secure so that no one can read them after app deployment?

like image 716
Mudassir Avatar asked Oct 27 '10 04:10

Mudassir


1 Answers

There is nothing you can do that will stop a determined attacker from reading them.

Using your own application level encryption would at least make the problem unique to your application, but someone could still do code analysis of your app to figure out how to decrypt them.

The platform's limited copy protection mechanisms are weaker, because they only have to be defeated once for all applications (such as by rooting the phone).

Assets utilized by platform functionality would also vulnerable to a modified platform configured to dump out copies of them.

Do what is easy to stop casual copying by unsophisticated users if you like, but then save your time and energy for battles you can actually win, such as the quality of your application.

like image 138
Chris Stratton Avatar answered Oct 11 '22 07:10

Chris Stratton