Assets, Images, Sound files, are provided to the user without encryption !

Question

Hello,

i got surprised seeing that when someone installs my windows store app in his computer, he can see my images, sound files used in my app, without any problem!

Why you don't encrypt by default all the assets (images, files)?

How to encrypt them from users?

Answer 1

The files are hidden from normal users, but administrators can get to them.

If you would like to encrypt them you can do so yourself, but since the app needs to be able to decrypt them a clever enough user will be able to extract the key from the app and get them. Essentially you're obfuscating the assets rather than encrypting them.

You can use the Windows.Security.Cryptography namespace for encryption and decryption.

--Rob

Answer 2

Dear Rob, thank you for your response.

Are there any plans that all the assets will be encrypted by default inside the executable in the future?

I don't find it fair, that all apps' assets are copied as such in the installed package, so that everybody that installs the package could make use of them as such or modified (or in rare cases even distribute them in his own will).

There should be more security by default in the installed package.

Answer 3

We cannot comment on future plans. This request has been heard before, and you can post or vote on feature requests at http://wpdev.uservoice.com .

That said, this is essentially the same story as with previous desktop apps. The assets were generally hidden but there was no built-in encryption and resources could be trivially extracted from executables by anybody who knew to look. Likewise, the Windows Store app packages are in a hidden directory out of view of normal users.

--Rob