TechQA.

Can an "attacker" get the value of a local variable in a method of an Android app?

642 views Asked by At

I read all the answers from Does it help GC to null local variables in Java where everybody agrees that by nullifying a local variable in Java does not help the GC (with some specific exceptions mentioned there). However I refer now not to Java in general, but to an Android app. Moreover, my goal is not merely to "help the GC" but to prevent a possible attacker from getting the value of the local variable before the attacker could ask for a memory dump. (Assuming the attacker has this ability.)

In short, here's my question: is it safer to assign some random value to a local variable in an Android app immediately after the actual value is no longer needed, or is this as safe as relying on GC? Why?

android security garbage-collection local-variables
Original Q&A
2

There are 2 answers

0
Dmytro Chaban On

Keep local variables in the private, so they can't access from outside of this class.

7
nickle_nine On

Each Android app runs inside it's own sandbox. Your app's variables will be safe as long as you don't expose it to other applications, such as via content providers or writing variables to external storage (microsd card). Another thing to avoid is installing apps that ask for any suspicious permissions or an excessive amount.

Here is a helpful reference from Google for app security: http://developer.android.com/training/articles/security-tips.html

Related Questions in ANDROID

Related Questions in SECURITY

Related Questions in GARBAGE-COLLECTION

Related Questions in LOCAL-VARIABLES

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions