Disable manifest allowBackup

[randshell]

trafficstars

The current manifest use the default android:allowBackup=true and it's not secure. The app has an import export functionality anyway and we should use that.

I didn't tested if doing an adb backup bypasses the app lock by saving app data. But if the password is used to encrypt notes and not only lock the access to the app then it should be safe.

[federicoiosue]

Actually password doesn't encrypt data because they're stored into a database which is accessible only by ON. So yes, allowing backup of this files from adb would expose the database itself to unauthorized accesses with a simple SqLite3 client. I'll add to "Security" issues to be eventually addressed when the time to enforce that component of the app will come. Thanks for your great feedback!

[randshell]

Actually password doesn't encrypt data because they're stored into a database which is accessible only by ON.

As a note, the database is accessible by every app with root access like the Google Apps, not only ON if it's not encrypted :smiley:

I'll add to "Security" issues to be eventually addressed when the time to enforce that component of the app will come.

Since Github can now issue CVE for security issues, could you add a Security Advisory please?

Thank you for your work!

EDIT: Even if encrypted on the filesystem the data can be accessed in memory after the database is unlocked. Ultimately one should trust his own device and the apps installed. Encryption is still useful when the database is not unlocked and the device is stolen for example.

[lambdaupb]

Trying to secure the app with an adversarial root is futile and a waste of time. ADP access is also only granted after user confirmation per default.