开发者

How can I make sure file gets from phone to server without being tampered with?

I'm wanting to create an android app that gathers information and then uploads to a server -- however I don't want people to be able to edit the file before it's sent to the server. I can do the first part of it, but am unable to do the second part. Can anyone tell me the best way to go about t开发者_开发技巧his? I don't mind if the user knows what's in the file, just don't want them editing it and then uploading their edited information to the server.


You're pretty much out of luck since the application is run by the user and the output is controlled by the user. The only way you could take over user's system so he would have no control over it would be using trusted computing with all of the ethical and philosophical implications - see eg. Can You Trust Your Computer? by Richard Stallman. The only thing you can hope for is having a secure connection between your server and user's systems (SSL/TLS) but this is still user's system over which you have no control.


The only correct answer here is Zed's.

The rest of the answers rely on Security through obscurity.

The bottom line is: if device is not totally locked down (= trusted computing) then users can reverse-engineer the application/file-format/network-protocol and submit false data.

Fact of life: people with huge resources (media industry, IT industry) have tried to pull this off (DVD, BluRay, game consoles, etc..) but eventually talented engineers on minimum budget have been able to break this protection schemes.

So, it might work, but only if data is not important and nobody bothers to break it.


There are a couple of approaches you could use here:

  1. Encrypt the file before its saved to the device, the user will be unable to read/modify it.
  2. Encrypt the connection to the server, SSL can protect against a 3rd party interfering with it.
  3. Don't save the file in a public location, place it inside your app's private data directory. The user will be unable to access it.

Depending on how sensitive this information is going to determine which combination of methods to use.


Well as for Android you cannot prevent people from accessing files on the public filesystem.

Maybe there are better ways to handle this but I would simply crypt and decrypt the data before submitting and by using a passphrase or some sort of parity check one could validate the data.


Some rough ideas:

You could view the information that is being sent to the server to the user and then ZIP the file that's being sent with a password beforehand so the user doesn't get a chance to edit it:

Write a password protected Zip file in Java

Of course, you'll have to make sure the user doesn't know the password ...

Or you could build a checksum of the text that's sent and validate the checksum on the server. Here, again, you have to make sure the user doesn't know how the checksum is built and change it accordingly.

Or you could not safe the information to a file at all but into the app's database or private filespace (where non-root-users can't access it).

Whether it's the pasword or the checksum, you could send that information to your server with a normal HTTP-request so it won't be "visible" to the user (followed by a second request that actually sends the file), but if we're talking about users that know how to handle network-sniffers on their phone (needs root, AFAIK), you'll have bad luck, it's their device and their data that's trying to leave it after all :)
You could try to use a secure connection to fix this.


What you could do :

  • Sign the file with your application
  • Check the signature on the server, check if the certificate is a certificate that is authorized

This will help a bit, but you'll still have the private key bundled with your application... someone may be able to find it and then sign modified files...

Another idea : can you compute the data or is it user generated ? If it's computed why not just compute the data and send it to the server (over SSL) without even writing it to the filesystem ?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜