03-25-2011 12:29 AM
Is there any advantage to the non-encrypted Local shared object? Otherwise why not use encrypted for just about everything? Or is there a signifigant performance drop?
03-25-2011 12:35 AM
03-25-2011 07:39 AM
@Kai001, I don't think we can really say quite yet just what is necessary, since RIM has provided so little real documentation on that kind of thing. I would say that "very sensitive" info (but that's a subjective term, of course) should be better protected, possibly by not even storing it in the device itself. Or storing it but encrypted using a key that's only available using strong protection, at the least a good password and possibly some form of two-factor authentication.
There's been some hint that the tablet will support encryption for "all corporate data"... maybe something to do with the various "modes" RIM has briefly described.
I doubt we'll know more until launch, or at least until a 1.0 SDK release just before launch.
03-26-2011 09:06 PM
I've used the encrypted sqllite db as part of my app which is a password storing app. IIRC that uses AES which should be secure enough for my purposes and the decryption password must be entered every time the app starts.
A wise man once told me if you've ever considered using your own encryption don't. Unless you're an expert whatever you come up with will be worse and easier to break than something which has had public scrutiny and thousands of hours of inspection.