w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Android Keystore - can a user key be retrieved by root if he setuid to that user?

It is true that normally a key can only be retrieved by the user that stored it.

See e.g.: http://nelenkov.blogspot.se/2011/11/using-ics-keychain-api.html

If a device is rooted, the keys still cannot be retrieved unless the attacker also has the password.

If the attacker has rooted the device and has the password or the device is unlocked, it's game over.





© Copyright 2018 w3hello.com Publishing Limited. All rights reserved.