[guardian-dev] Introducing Conceal: Efficient storage encryption for Android

Mark Murphy mmurphy at commonsware.com
Wed Feb 5 15:00:08 EST 2014


On Wed, Feb 5, 2014, at 11:48, Josh Steiner wrote:
> Yeah, they clearly care most about the threat model of spyware apps
> installed via mainstream app stores snooping on other apps data on SD.
>  A valid use case for a lot of apps.  

Few apps should be storing data on removable media, if for no other
reason than there's no official support for it. Hence, I question your
last sentence. *Some* apps, from organizations with the resources to
deal with all the per-device idiosyncrasies of trying to work with
unofficial storage locations, may have this use case. Most hopefully
stick with ordinary internal storage for stuff they want to keep away
from other apps.

> Do you happen to have an exhaustive writeup of all the foibles of
> storage on Android by chance?  It's something that still hurts my
> brain whenever I have to deal with it.  What a mess.

There's no question that Google has made some fairly odd decisions in
this space.

I don't really have such a writeup, but I really could use one, as I
find myself repeating the same things on StackOverflow over and over.
I'll try to put together a blog post on it. Stay tuned to
http://commonsware.com/blog. :-)

> Well, there is a case where an app like StoryMaker wants to encrypt
> huge files like the raw .mp4's that comprise the pre edited footage of
> a story being produced.  We definitely want to store this on the real
> SD card in a lot of cases.  

So long as you are walking into this eyes wide open, noticing the "here
there be dragons" notation on the map around the "real SD card" area,
more power to you. :-)

-- 
Mark Murphy (a Commons Guy)
http://commonsware.com | http://github.com/commonsguy
http://commonsware.com/blog | http://twitter.com/commonsguy

_The Busy Coder's Guide to Android Development_: Version 5.5... And
Still Going Strong!


More information about the Guardian-dev mailing list