Facebook unveils “Conceal,” aimed at making Android apps more secure

4comments
Facebook unveils “Conceal,” aimed at making Android apps more secure
Facebook has released an open-source tool that will assist developers in building more secure applications for Android devices. The library of code is called Conceal and it provides a set of interfaces that make programming secure code a little easier.

This will assist developers when they need to build the app and ensure the app is able to safeguard sensitive data, particularly when the developer wants to allow an application to function properly on an SD card.

SD cards are handy at storing extra stuff on our devices, including apps. However, the Android OS designates SD cards a public resource. That means other apps on the card can access the same files. Developers have had to contend with a number of challenges when trying to secure their applications, especially when dealing with the prospect that some Android phones can run short on resources if the app is installed on the device’s storage.

Facebook’s solution allows developers to get their apps up and running faster and the libraries that Conceal uses are continuously updated through feedback from the developer community. The best part is that with this cryptographic package, app performance appears to get quite a bit faster (when measured in milliseconds).

Applications using Conceal take under 50ms to read or write encrypted data compared to apps using other packages like Java or BouncyCastle which take three to five times longer. Conceal also provides developers with the resources to manage secure keys and protect against known weaknesses in the OS. With this lightweight package, and open-source nature, Facebook may have a winning tool for developers.


“One objective of releasing Conceal is to enable other developers to quickly get up and running. We also believe that libraries get better with contributions and feedback from the community, and the community support can help improve the performance and security of this library,” Subodh Iyengar, Software Engineer at Facebook.

source: Ars Technica

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless