Prevent root access to my application files

Question

I have created a webview application to run a web application on an android tablet with the intent of viewing certain documents. This collection of documents is the basis of the application that I am writing so if everyone could see and copy the files, it would defeat the purpose of what I am trying to do. So far, I have converted the documents into a HTML format and put them into the assets folder of my application project. This should stop general access to these files.

However, I have learned that rooting your android device could grant you access to these files. This really does need to be overcome somehow. Is there a way to prevent root access to these files or is there a more secure way of storing these files?

The tablet I am currently using to develop has Android 2.2 although I may update this at a later stage.

I am also using Eclipse to develop the application.

Thanks

Sorry if you misunderstood, I am talking about non-programatically. Just the general viewing of files/folders — Graham Turner, Feb 08 '12 at 12:56

score 3 · Accepted Answer · answered Feb 08 '12 at 12:49

3

Encryption is the only way to prevent the usage as best as possible. The root can see and touch everything but he can't use the files if they are encrypted.

I do that for a customer application, too.

answered Feb 08 '12 at 12:49

WarrenFaith

57,492
25
134
150

Thanks for the quick reply, What would be the best way to encrypt it then? – Graham Turner Feb 08 '12 at 12:50
1

You should implement your own InputStream/Outputstream which does the encryption/decryption. If you encrypt your files, you can put them on the sdcard for easier access for your program. There are plenty of tutorials for encrypting/decrypting around... – WarrenFaith Feb 08 '12 at 12:55

score 0 · Answer 2 · answered Jun 19 '12 at 10:03

0

I have been in the software industry for over 30 years, and I know it is suicide to go down the track of this "protect it at any price". Encryption does not help, it is just a better challenge to hack it and will attract more people trying. Spend time, money and efforts on marketing the software instead.

answered Jun 19 '12 at 10:03

Rolf

17
1

I don't think so, because what about if your app is extremely successful and include a dangerous security hole, it can make a **market lose** for your business – Ahmed Nabil Aug 21 '19 at 18:37
this seems like an attacker would say.. to discourage people protecting their apps. don't fall for this crap. – Neeraj Feb 21 '20 at 10:24

Prevent root access to my application files

2 Answers2