Conceal for Secure Android File Encryption

If you are an Android developer you might have used SQLCipher as drop in replacement for SQLite that allows for encrypted data storage. You might have also used IOCipher that provides an encrypted file system backed by SQLCipher. The problem with these is that they are fairly large (multiple Mb for the ARM version due to SSL) and using SQL to store file data is a pragmatic yet heavy way to provide for file encryption. Many apps implement their own file based security but that can easily lead to cryptographic vulnerabilities.

Facebook has just announced Conceal, a new opensource Java library that provides for file based encrypted storage, for example on SD cards where apps can otherwise view either other’s data. Conceal is easy to use, fast and they have managed to take just the parts of Open SSL they require and have reduced the extra SSL payload down to just 85KB.

Mobile Phone Development

Comments

Most Favorite Posts

j2obc - A Java to iOS Objective-C translation tool and runtime

What J2ObjC Is J2ObjC is an open-source command-line tool from Google that translates Java code to Objective-C for the iOS (iPhone/iPad) platform. This tool enables Java code to be part of an iOS application's build, as no editing of the generated files is necessary. The goal is to write an app's non-UI code (such as data access, or application logic) in Java, which is then shared by web apps (using GWT), Android apps, and iOS apps. J2ObjC supports most Java language and runtime features required by client-side application developers, including exceptions, inner and anonymous classes, generic types, threads and reflection. JUnit test translation and execution is also supported. J2ObjC is currently between alpha and beta quality. Several Google projects rely on it, but when new projects first start working with it, they usually find new bugs to be fixed. Apparently every Java developer has a slightly different way of using Java, and the tool hasn't translated all possib...

Google Drive versus Dropbox

MacWorld: Online Storage Face-Off: Google Drive vs. Dropbox

PlistBuddy

If you want to generate a Plist within the shell script: The PlistBuddy command is used to read and modify values inside of a plist. Unless specified by the -c switch, PlistBuddy runs in interactive mode. Apple PlistBuddy ManPage

App Indexing

A better search experience for apps and users with linking to in-app content. Google is working with app developers and webmasters to index the content of apps and relate them to websites. When relevant, Google Search results on Android will include deep links to apps. App Indexing

Backend-driven native UIs

Backend-drive native UIs John Sundell Slide Share Using Back-End Design to Create Customizable Front-End Mobile Experiences By controlling the front end of mobile apps from the back end we can build customized experiences at runtime, creating cleaner interfaces and reducing load times. Nithin Rao UX Magazine The Hub Framework Welcome to the Hub Framework - a toolkit for building native, component-driven UIs on iOS ( no Android support released yet ). It is designed to enable teams of any size to quickly build, tweak and ship new UI features, in either new or existing apps. It also makes it easy to build backend-driven UIs. The Hub Framework has two core concepts - Components & Content Operations. Spotify LeeGo: Build UI without UIView LeeGo is a lightweight Swift framework that helps you decouple & modularise your UI component into small pieces of LEGO style's bricks, to make UI development declarative, configurable and highly reusable. Wang Shen...

Why The Microsoft Surface Just Died Last Week

That was when the company’s new CEO, Satya Nadella, announced the launch of Office for the iPad. He emphasized the company’s focus on cloud and mobile for the future. “We think about users both as individuals and organizations spanning across all devices,” Nadella said during the launch event. And what he said effectively killed the Microsoft Surface. Forbes.com

MobileIron

Advanced Mobile Device Management Mobile Data Security, Visibility and Control for Enterprises Phones are replaceable. Data is not. Advanced Mobile Device Management combines traditional mobile device management capabilities with advanced data visibility and control powered by the Virtual Smartphone Management Platform architecture. The administrator can manage the lifecycle of the phone and its data, from registration to retirement, and quickly get smartphone operations under control. Tour the Enterprise Smartphone Management Dashboard. Multi-OS Device Management Central web-based console across operating systems Inventory and asset management Device configuration Encryption policy (phone, SD) Lockdown security (camera, SD, Bluetooth, Wi-Fi) Password enforcement Remote lock and wipe File distribution End-user self-service App Management Inventory Secure publishing and delivery Rogue app protection Remote Control Real-time, permission-based Enterprise Data Bo...

iOS & Android Development

Search This Blog