Hour 18 Encryption and Security in AIR
Storing Encrypted Data
As you witnessed in the previous hour, storing local data to the end user’s file system is an easy yet powerful feature of the AIR runtime. But what if this is a shared PC that other employees use? Do you want other users to be able to swipe your AIR application passwords? Figure 18.1 shows why this could be a security issue. A default local shared object can be read, stored in an external text file, and the contents read in clear text.
Figure 18.1 An AIR unencrypted local shared object’s contents.