Conceal for Secure Android File Encryption

If you are an Android developer you might have used SQLCipher as drop in replacement for SQLite that allows for encrypted data storage. You might have also used IOCipher that provides an encrypted file system backed by SQLCipher. The problem with these is that they are fairly large (multiple Mb for the ARM version due to SSL) and using SQL to store file data is a pragmatic yet heavy way to provide for file encryption. Many apps implement their own file based security but that can easily lead to cryptographic vulnerabilities.

Facebook has just announced Conceal, a new opensource Java library that provides for file based encrypted storage, for example on SD cards where apps can otherwise view either other’s data. Conceal is easy to use, fast and they have managed to take just the parts of Open SSL they require and have reduced the extra SSL payload down to just 85KB.

Mobile Phone Development

Comments

Most Favorite Posts

j2obc - A Java to iOS Objective-C translation tool and runtime

What J2ObjC Is J2ObjC is an open-source command-line tool from Google that translates Java code to Objective-C for the iOS (iPhone/iPad) platform. This tool enables Java code to be part of an iOS application's build, as no editing of the generated files is necessary. The goal is to write an app's non-UI code (such as data access, or application logic) in Java, which is then shared by web apps (using GWT), Android apps, and iOS apps. J2ObjC supports most Java language and runtime features required by client-side application developers, including exceptions, inner and anonymous classes, generic types, threads and reflection. JUnit test translation and execution is also supported. J2ObjC is currently between alpha and beta quality. Several Google projects rely on it, but when new projects first start working with it, they usually find new bugs to be fixed. Apparently every Java developer has a slightly different way of using Java, and the tool hasn't translated all possib...

Google Drive versus Dropbox

MacWorld: Online Storage Face-Off: Google Drive vs. Dropbox

App Indexing

A better search experience for apps and users with linking to in-app content. Google is working with app developers and webmasters to index the content of apps and relate them to websites. When relevant, Google Search results on Android will include deep links to apps. App Indexing

PlistBuddy

If you want to generate a Plist within the shell script: The PlistBuddy command is used to read and modify values inside of a plist. Unless specified by the -c switch, PlistBuddy runs in interactive mode. Apple PlistBuddy ManPage

Server-driven UI (SDUI): Meet Zalandos AppCraft and AirBnB Lona

A short WTF: Joe Birch: SERVER DRIVEN UI, PART 1: THE CONCEPT Zalando seems to follow the SDUI principle as well - defining a common design language and construct the screens on the backend while displaying them natively on the clients. They even go one step further; they implemented a mighty toolset to enable non-technical stakeholders to define their own native app screens Compass: Web tooling to create screens and bind data Beetroot: Backend service that combines the screen layout definition with the data Lapis/Golem: iOS/Android UI render engines Crazy cool! Good job, guys (when you do an open-source release?) To even move faster a Flutter based UI render engine implementation was great! See also AirBnB Lona SDUI approach Building a Visual Language Why Dropbox sunsetted its universal C++ mobile project and AirBnB its React Native implementation

Why The Microsoft Surface Just Died Last Week

That was when the company’s new CEO, Satya Nadella, announced the launch of Office for the iPad. He emphasized the company’s focus on cloud and mobile for the future. “We think about users both as individuals and organizations spanning across all devices,” Nadella said during the launch event. And what he said effectively killed the Microsoft Surface. Forbes.com

MobileIron

Advanced Mobile Device Management Mobile Data Security, Visibility and Control for Enterprises Phones are replaceable. Data is not. Advanced Mobile Device Management combines traditional mobile device management capabilities with advanced data visibility and control powered by the Virtual Smartphone Management Platform architecture. The administrator can manage the lifecycle of the phone and its data, from registration to retirement, and quickly get smartphone operations under control. Tour the Enterprise Smartphone Management Dashboard. Multi-OS Device Management Central web-based console across operating systems Inventory and asset management Device configuration Encryption policy (phone, SD) Lockdown security (camera, SD, Bluetooth, Wi-Fi) Password enforcement Remote lock and wipe File distribution End-user self-service App Management Inventory Secure publishing and delivery Rogue app protection Remote Control Real-time, permission-based Enterprise Data Bo...

iOS & Android Development

Search This Blog