So I have made a game app using Unity and it stores a lot of information and data in the mobile's data path in this case Android. Now the user can definitely go there and alter the data i.e delete a file and that can lead to my app not working properly. So is there a way to maybe encrypt them so that the user cannot tamper with the data?
Files are of sound, pictures, etc.
You can encrypt files on the disk, but ultimately a player with malicious intentions would be able to slerp the keys used for encryption from the built version of the game. Because of this, I like to call it "Obscufication" rather than "Encryption", but please do try not to store sensitive information in there!
I recommend checking out this StackOverflow answer on how to perform encryption in C#.
If you want more security then you will need a server to store data on. Good luck!
Related
I’ve been following various articles and answers regarding saving
API keys / password / strings still havent gotten specifically that i have been searching.
The idea is to save KEY in a form of string in Xamarin.Form
where the KEY can be accessed while debugging
but should not be exposed if reversed engineered an APK or IPA file.
Stated by one of my colleague ‘Gradle’ used to do similar in android native
yet am unsure on it and where do i get it working in Xamarin.Forms with respect to iOS and Android
Any information related would be much helpful
Your best bet is to make use of SecureStorage this will use the platform specific secure stores to store the data you provide.
As pointed out in comments you should always operate under the assumption that someone will be able to gain access to your code and reverse engineer it. Using the secure stores per platform will require that anyone accessing the device will be able to unlock it via PIN or biometrics, depending on the device.
I'm designing a Windows Phone 8 app where I need to save certain credentials and message backups as a Parse object. So, while I'm taking data from the user end I want to preserve privacy of the clients. So, why not encrypt it. But then again I need to decrypt it back on client side. Say, there's a message "I'll be late". So, I want it to be encrypted to say "###%&**))^^^__673asdh" and saved in backend which makes absolute no sense to me. Again this encrypted message is read back to the front end client as and when required as the original message that he stored. Please suggest a good library. is AES a good option? Sorry for the question. I'm basically a noob in cryptography! Thanks.
If you are noob in cryptography - do not use encrytion/decryption primitives. Encryption/decryption method is only a part where proper use of the method is very important too. Try to find some crypto library that will do the work for you. At start you can read about Crypto++ library and BounceCastle, inspect the exmaples in this libraries.
I'm building a trivia game that retrieve questions from XML file using javascript.
But the XML file is available to those who got the full path to the XML file.
How can i prevent users from showing the XML file ?
Thank you.
If it's going to be available to the client via Javascript, it's got to be available to the client in general. Now you could encrypt it, then decrypt it in the Javascript - but that's more of an obfuscation technique than anything else... basically if you need the browser to have the plaintext version of the file at some point, you can't prevent it from being available to users in general.
If the problem is that the file contains both questions and answers - i.e. data that you're happy for users to see and also data that you don't want them to see - you should split the file in two.
If you only want users to be able to see the data at the right time (i.e. when the question is asked) then you can introduce a server-side aspect which will serve one question at a time, when requested, and log that the user has just seen the question. That won't stop users from fetching questions, but it will stop them from doing so in advance without you being aware of it. (Unless, of course, they can log in as a different user, fetch the questions, work out the answers, then log in as their real account and give all the right answers. At that point it's more a matter of authentication and user control than anything else - after all, they could take the test twice, too...)
I don't know your game software flow, but I think you have to write a web service which enforces validation rules over the XML files (stored in non publish web server are).
I want to write a program to maintain some important information for me , but i don't want to use sql as database because it is very important for me that no one can access the data , i want to save my data in a file and i want to use a password to protect my file like password in winrar software and then can access the data just in my program, can anyone give me an idea ?
Thank u all :)
Why not encrypt the file using AES? Here is a great tutorial for C# and Rinjdael/AES encyption and decryption of files.
EDIT:
But as mentioned in another answer SQL does provide password protection for its databases, would that not be the exact same thing you want to do (except you will be re-inventing the wheel)
I've seen professional applications that use a (un)zip library to open password protected archives. Of course one can brute-force those passwords and open the archive. So I don't recommend this option.
SQL database looks like the best option, but you need a database server. Or you might look into SQLite, it's serverless. To password protect sqlite you can read this question
I am creating application in which I would have database which users can´t edit. It just have data and it shows to user. I found that I dont have to use localstorage I just can add database to project and it is readonly. So I did it and everything is ok. Now I want to add images to my app and I am not sure what is better way. I can every image add to folder, in database store path to image and It´s very easy and It can do now. Or I found that I can store image in database as image (byte[]). What is better? Would be images in database smaller? Would be loading of images faster? If images in database is better solution have can I easy way add images to my existing database? Is there any article to do this in winforms? Thanks
Edit:
I'm glad that my question has so many answers and opinions. I want to explain more my needs. My application should have about 150 pictures and picture should be sized 150px and 100px. I want to app would work without internet connection. It could connect for updates but that´s all. Again thanks for all opinions :)
For our application, we found a hybrid approach worked best. We configured our SQL environment to support FILESTREAM and then imported all of our images. That gives us the flexibility of having the images 'in sql' while still storing the actual images to disk. Its a fast solution that may work well for you, too.
There are a lot of 'ifs', 'buts' and 'maybes' about where you put you put your images and I don't think there is a right or wrong way.
One thing worth mentioning is that if the application is business critical with high availability I would store them in the database, simply because the can be backed up with the rest of the data. Databases can be mirrored etc so having all the images treated as 'data' can be beneficial. Also if things get big and a web farm is employed and load balancers etc it helps when the images live in one place.
For me, I'd go with the database. But it all really depends on the scale of your application.
I personally would store all the images in isolated storage and in the database I would store the path to the image.
I would store all the images as a byte[] in the isolatedstorage
Nothing wrong with the answers already here but it really depends on what you are trying to accomplish and how it is currently set up.
Best would be to use a content delivery network for static images to ease the load of your web server.
You can serve from database or as resource file in file structure to your liking. If the images are static don't forget to add appropriate caching which for static content would be far future.
If you're rendering images I would definitely keep the images in the database to make it possible to access the images from any number of web servers.
If you want you can develop this further by keeping the images most recently used in memory or store on local filesystem so you don't have to get the file from the database every time.
web folder. also think about remote loading them from a cloud server like Amazon S3 to free up access to your own server
THe best option is to store your images on web folder, if you save them in DB, you will waste time retreiving them from DB because it takes more time