I was poking around my GS3 today (ATT version but running the Sprint Official JB release LJ7) and I found something pretty shocking. I was poking around the S-memo databases when I opened a table using SQLIte editior. When I opened the table I was shocked to see my Google account username and password in clear plain text. Now, I did have the option to sync to Google drive and the app did prompt for my google username and password so obviously it stores it somewhere. I was just shocked to see it stored in plain text and not encrypted.
Jerry from AC checked his ATT GS3 running ICS and he did not have these entries in his DB which makes me think it's a JB thing. He suggested I start a thread to see if anyone else has experienced this.
To check you need to be rooted and have SQLite editor installed.
Steps to check
1. Set up S-Memo to sync with your Google account
2. Use SQLite editor and navigate to /data/data/com.sec.android.provider.smemo/databases
3. Open the Pen_memo.db file and select the CommonSettings table. Look to see if your Google account info is stored in plain text.
This could potentially be a serious issue. If people running JB on their GS3 can check this that would be awesome. Jerry already checked the latest ICS build for the ATT variant but if others on ICS or with a different variant can check that would be great. I will get to check my GF's I-9300 running JB tomorrow when I see her.
I have attached a SS of what my table looked like. Obviously I blacked out my PW and also the Google auth ID
Jerry from AC checked his ATT GS3 running ICS and he did not have these entries in his DB which makes me think it's a JB thing. He suggested I start a thread to see if anyone else has experienced this.
To check you need to be rooted and have SQLite editor installed.
Steps to check
1. Set up S-Memo to sync with your Google account
2. Use SQLite editor and navigate to /data/data/com.sec.android.provider.smemo/databases
3. Open the Pen_memo.db file and select the CommonSettings table. Look to see if your Google account info is stored in plain text.
This could potentially be a serious issue. If people running JB on their GS3 can check this that would be awesome. Jerry already checked the latest ICS build for the ATT variant but if others on ICS or with a different variant can check that would be great. I will get to check my GF's I-9300 running JB tomorrow when I see her.
I have attached a SS of what my table looked like. Obviously I blacked out my PW and also the Google auth ID
Last edited: