No company or web service is probably as painfully aware of the need to keep data safe and private than the likes of Facebook, who holds a virtual copy of a good portion of their users’ lives in their hands. Facebook is now sharing part of that knowledge by releasing Conceal, a set of Java APIs that will help other app developers keep their own users’ data secure.
There are definitely many cryptographic APIs available out there, even for Android. What sets Conceal apart is that it is able to encrypt even large files on disk the fastest and most memory efficient manner. This makes Conceal suitable even for Android devices with very limited hardware resources.
Unfortunately, Conceal isn’t your run of the mill general purpose API library either. It won’t offer developers much options and will instead just use defaults which Facebook has deemed to be more useful. Whether or not that meshes with the developer’s idea of sane defaults is something for the developer to find out himself.
Fortunately, Facebook has been quite generous and has released Conceal under a permissive open source BSD license. It actually also utilizes bits and pieces of other open source software, particularly OpenSSL. It doesn’t actually contain the whole OpenSSL library due to size constraints. Additionally, older Android versions include a version of OpenSSL that doesn’t have the features that Conceal requires, forcing Facebook to yank out just the bits and pieces that it needs.
End users might not have much interest in Conceal itself, but the API is actually at work on the Facebook Android app as well. Conceal is used to securely store image files, which can reach a large amount, on the SD card, allowing users to migrate some of the app’s data from phone memory to external storage. Android app developers might want to take a peek at the FAQ to see how they can use the library for their own apps or even contribute to the open source project.