Exadra37

Exadra37

Modern Android Security Development

https://proandroiddev.com/modern-android-security-development-f84796824cea

So as I always say StackOverflow cannot be trusted blindly:

Given the “find out how to en-decrypt data in Android” requirement, what would you do?
Unless you are a security expert or developer with a security career dedication that writing the cryptographic code from scratch is just a trivial task, it’s very common for us to start “Googling”, deep dive in “Stack Overflow” to find security-related implementation answers until we probably find below similar snippet:

Instead you need to dig and find the correct tool for the job:

Jetpack Security

Or “JetSec” for short, introduced at last Android Dev Summit 2019 provides us a high-level abstraction to allow encrypting data, file, until shared preferences easily without having to really understand the ins and outs of security.

JetSec features Android KeyStore ¹ which is the mastermind of every cryptographic operation and we may assume all data secured is done via it. Of course, every secured data associates with a private key which is a primary material used for any cryptographic op. In JetSec, these private keys called keyset . Android KeyStore stores these keyset materials in a container hardware-backed which makes accessing them very hard and it’s not exportable.

I loved this quote:

Thanks for reaching the potato. Few words left by this great said:

“Security is always excessive until it’s not enough.”

  • Robbie Sinclair

Popular Android topics Top

Exadra37
https://proandroiddev.com/modern-android-security-development-f84796824cea So as I always say StackOverflow cannot be trusted blindly: ...
New
First poster: bot
BBC Click’s Chris Fox explores what Huawei’s new operating system can do.
New
Unknowntech
How do mobile app development companies handle app updates and version management?
New

Other popular topics Top

DevotionGeo
I know that these benchmarks might not be the exact picture of real-world scenario, but still I expect a Rust web framework performing a ...
New
axelson
I’ve been really enjoying obsidian.md: It is very snappy (even though it is based on Electron). I love that it is all local by defaul...
New
dasdom
No chair. I have a standing desk. This post was split into a dedicated thread from our thread about chairs :slight_smile:
New
PragmaticBookshelf
Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...
New
DevotionGeo
I know that -t flag is used along with -i flag for getting an interactive shell. But I cannot digest what the man page for docker run com...
New
Rainer
Not sure if following fits exactly this thread, or if we should have a hobby thread… For many years I’m designing and building model air...
New
Exadra37
Oh just spent so much time on this to discover now that RancherOS is in end of life but Rancher is refusing to mark the Github repo as su...
New
AstonJ
Seems like a lot of people caught it - just wondered whether any of you did? As far as I know I didn’t, but it wouldn’t surprise me if I...
New
mafinar
This is going to be a long an frequently posted thread. While talking to a friend of mine who has taken data structure and algorithm cou...
New
PragmaticBookshelf
Author Spotlight: Peter Ullrich @PJUllrich Data is at the core of every business, but it is useless if nobody can access and analyze ...
New