data-protection

I have been using AWS (Amazon Web services) and in particular simpleDB for a couple of smartphone apps using their iOS/android client libraries. So far, the data was very benign so I didn't worry too much about data protection. My next app project will require a "users" table/domain containing usernames and passwords. What I'm worried about is that someone reverse-engineer the Android java version of the app, then it will be easy to get all the simpleDB data, including all the passwords. the basic TVM thing (Token Vending Machine, where a temporary token replaces the AWS credentials which are

Im building a "premium" section of my site and Im in a need to give download access to files in a remote directly (on a different server), to users with special privileges (accounts stored in mysql db). My site is coded in php/mysql so a php solution would be great. direct all download links to a php file that'll do all the credential checking. you can call the file download.php pass along parameters via cookies, get, post, session, or whichever manner you verify privileges. once credentials are verified, you can send an appropriate header. if it's an image, the header would be header("Content

How does one combine several resources for an application (images, sounds, scripts, xmls, etc.) into a single/multiple binary file so that they're protected from user's hands? What are the typical steps (organizing, loading, encryption, etc...)? This is particularly common in game development, yet a lot of the game frameworks and engines out there don't provide an easy way to do this, nor describe a general approach. I've been meaning to learn how to do it, but I don't know where to begin. Could anyone point me in the right direction? There are lots of ways to do this. m_pGladiator has some