stackoom
  简体   繁体   中英

Why accessing database from android application isn't secure?

 原文  2014-03-13 14:52:23       java/ android/ sql-server/ rest

Question

I'm working now in an android application which will get the some data from MS sql database. I used jtds jar file to connect to the database, but I read that connecting to database from the application directly is not secure and I should use a web service. but I can't understand why?! .. can some one help me?

Also, I found a lot of tutorial explaining the connection using a web service using REST. But all of them depends on I have a php file then send HTTP request then parse json string. So should I create this file myself!

1 answers

solution1
 2 ACCPTED  2014-03-13 14:56:25

You should never connect to a database from within your app, because in order to do so you are embedding your database credentials in your application. Which means that anybody with a decompiler can get those credential and do what they please to your database with that.

here's an example of what happens when you do that =)

http://gamingirresponsibly.com/team-meat-learns-a-hard-lesson-by-hackers

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why isn't my SQLite database loading from Assets in Android Studio? Android: Accessing single database from multiple activities in application? Accessing widget from android application Jelastic - Firefox gives “This page isn't redirecting properly” when Accessing a Secure Page using GlassFish Server (HTTPS) Why isn't this JLabel in the center of this Java application? Why isn't my sqlite database created? Secure Java Application Database Android Application isn't installed after deployment Why isn't my program accessing the superclass' array as expected? Why isn't REST accessing existing entries in MongoDB?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM