Security of string resources

Question

I was wondering what\'s the security of Android\'s resources folders (I\'m especially concerned with strings). I know, I know, it would be ridiculous to store a password in Stri

Answer 1

The primary rule of thumb here is that ANYTHING stored on the device is open for sniffing and cracking.

There is no such thing as local security against those in physical control of the device.

Even if you encrypt it, the keys for decryption have to exist on the device or be easily accessible by the device.

As a side note, this is the number one reason for features such as Remote Wipe.

So, if you plan on storing something sensitive or just plain don't want a slightly interested user to see the data you've stored on the phone, then you're out of luck.