I'm not a security expert, but I wonder how will it help if passwords will be stored encrypted? I mean if someone steals my phone, he'll be able to decrypt it anyway, right? Since physical device is his hands with keys and everything and not just some database dump.
This also reminds me about pidgin, which does the same thing... just saying.
Pidgin is one account, assuming passwords are only used once (crazy I know). The browser however has the potential to store all your accounts usernames and passwords.
If the device is rooted a malicious app could simply copy the webview.db and send off your usernames / passwords. Encryption would at least stop anyone who didn't want to brute force a db. I'm not saying it is impossible but that doesn't mean plain text is the right answer.
If you granted the root permissions to a malicious app, you've got much bigger problems than cleartext passwords in private file.
If you didn't grant the root permissions to a malicious app, why do you care, how it is stored? No other app can access it anyway and any obfuscation would be good only for complexity's sake.
I would be more worried about a malicious app taking advantage of an exploit to compromise your phone and then reading your passwords without root having root before on your device or without it asking for root permissions. There are known ways out there to get root access without actually unlocking via exploits.
Exploits can be used to privilege escalation on all platforms, that's not Android specific thing.
Adding to that, Android vendors are not that bad in fixing exploits. I had two devices (Sony phone and Asus tablet) that were always fixed before the exploit got widely known. I could not root them (yes, I wanted to do it without unlocking) if I updated as soon as the updates were available.
With SEAndroid getting into stock Android, even that is going to be a thing of past.
Encryption would only stop attackers that are too stupid to grab the encryption key that would be sitting right next to the database. Browser would need to decrypt it, after all, and if browser can so can anyone else.
9 comments
[ 4.8 ms ] story [ 30.4 ms ] threadThis also reminds me about pidgin, which does the same thing... just saying.
https://developer.pidgin.im/wiki/PlainTextPasswords
If the device is rooted a malicious app could simply copy the webview.db and send off your usernames / passwords. Encryption would at least stop anyone who didn't want to brute force a db. I'm not saying it is impossible but that doesn't mean plain text is the right answer.
If you didn't grant the root permissions to a malicious app, why do you care, how it is stored? No other app can access it anyway and any obfuscation would be good only for complexity's sake.
Adding to that, Android vendors are not that bad in fixing exploits. I had two devices (Sony phone and Asus tablet) that were always fixed before the exploit got widely known. I could not root them (yes, I wanted to do it without unlocking) if I updated as soon as the updates were available.
With SEAndroid getting into stock Android, even that is going to be a thing of past.