From 79929af4baa9b69504cda6a16a896549288503b6 Mon Sep 17 00:00:00 2001 From: dschuermann Date: Thu, 9 Oct 2014 06:58:02 -0700 Subject: [PATCH] Updated App Security (markdown) --- App-Security.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/App-Security.md b/App-Security.md index b052a3b..6bc8f9a 100644 --- a/App-Security.md +++ b/App-Security.md @@ -17,6 +17,11 @@ From ``./lint --show AllowBackup``: ### Why is OpenKeychain's database not encrypted? * Public keys are public, why encrypt them? * The private parts of the secret keys are [already encrypted using a passphrase](http://tools.ietf.org/html/rfc4880#section-5.5.3). They are only decrypted/"unlocked" in-memory in OpenKeychain when used. +* We could use [SQLCipher](https://guardianproject.info/code/sqlcipher/), but I am unsure what attack scenarios this would prevent: + * Other apps already cannot access Openkeychain's data, this is enforced by Android's sandboxing + * If a malicious app executes an exploit and gains root access, it could also get the secret keys by reading OpenKeychain's memory + * We would require another password for unlocking the SQLCipher database, so more inconvenience + ### So how to backup/synchronize keys? * Synchronize public keys with keyservers -> you achieve the same certifications on all good OpenPGP clients
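Review bot: The added SQLCipher sub-bullets only weigh on-device attackers (another app, a root exploit), so the list under "I am unsure what attack scenarios this would prevent" leaves out the case where the database file is read off the device, for example from a lost phone or from a backup copy, which is what the AllowBackup lint context just above this hunk is about. Suggest adding a bullet that says whether that case is in scope and, if it is, that the secret keys in such a copy are still protected only by their passphrase, as the preceding bullet states. The root-exploit bullet could also be qualified with "while they are unlocked", since the existing text says secret keys are only decrypted in memory when used. Minor: "Openkeychain's" in the first sub-bullet should be "OpenKeychain's" to match the rest of the page, and the comma splice there reads better as "...data; this is enforced by Android's sandboxing".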