0

I'm developing an Android APP and I must connect to an external database. To make this connection it have to be by JDBC.

I know this is unsafe for several reasons, but it's not a problem right now. All the posts and articles I've seen everyone was saying to not use jdbc in android cause internet 3G it's not good enough for it. So it came to my mind : and 4G ?

The internet 4G I've seen it's 10mb, sometimes 50mb, connection. It was a lot better than the 3G.

So using JDBC in an Android APP, still a bad ideia ?

manlio
  • 18,345
  • 14
  • 76
  • 126
Cristiano Guerra
  • 615
  • 1
  • 7
  • 12

2 Answers2

2

It is a security issue. Your entire database could be compromised because your DB credentials would be saved in the client APK. This is a very high risk.

If as per password policy, your DB password needs to be changed often say 45 days, you will have to keep releasing updates every 45 days just because your DB password is changed.

Even if you decide to create individual DB users for each phone with restricted access to certain parts of the DB, User management would be a big headache. Also, you need to release customized apk for the individual user.

So, for security purpose and better management, I would advice to go on a web-service model.

ngrashia
  • 9,869
  • 5
  • 43
  • 58
  • I'd say it is not only a security issue, as detailed in [this answer ](http://stackoverflow.com/a/15853566/466862) there are also other very good reasons not to use JDBC directly from a mobile device. – Mark Rotteveel Jul 24 '14 at 15:47
  • I know it's another question, but there is a way I could prevent someone open my classes and see the password? I 've heard about something called Pro-Guard. Do you know about it? – Cristiano Guerra Jul 24 '14 at 16:06
0

Its kinda a Bad idea. since it would create heavy load on the phone (CPU, Network) but you need to put in AsyncTask

Itzik Samara
  • 2,278
  • 1
  • 14
  • 18