Lines Matching refs:not
75 <acronym title="Interprocess Communication">IPC</acronym> files because they do not provide
84 choose to encrypt local files using a key that is not directly accessible to the
86 and protected with a user password that is not stored on the device. While this
87 does not protect data from a root compromise that can monitor the user
99 application, you should not store sensitive information using
104 We strongly recommend that you not store executables or
115 If you do not intend to provide other
136 Signature permissions do not require user confirmation,
157 potential SQL injection from untrusted sources. Note that using parameterized methods is not
161 <p>Do not have a false sense of security about the write permission. Consider
179 capabilities not provided by the basic sandbox, including access to device features such as
189 if a permission is not required for your app to function, do not request it.</p>
191 <p>If it's possible to design your application in a way that does not require
210 <p>Do not leak permission-protected data. This occurs when your app exposes data
212 not require that permission of any clients of it’s IPC interface. More
244 <li>Users may choose not to install an application because a permission is
247 has not been installed.</li>
268 <p>Networking on Android is not significantly different from other Linux
273 that are not secured, such as public Wi-Fi hotspots.</p>
290 not trust data downloaded from HTTP or other insecure protocols. This includes
298 user-to-user communication and is not well-suited for apps that want to transfer data.
306 not rely on unauthenticated SMS data to perform sensitive commands.
336 exploitability of these errors, but they do not solve the underlying problem.
365 storing or transmitting the information, do not store or transmit the data.
391 <p>Also, make sure that you do not inadvertently expose user data to other
397 is required, create a large, unique number and store it. Do not
424 <p>If your application does not directly use JavaScript within a {@link android.webkit.WebView}, do
425 <em>not</em> call {@link android.webkit.WebSettings#setJavaScriptEnabled setJavaScriptEnabled()}.
427 application, so remove that method call if it's not required. By default,
429 not execute JavaScript so cross-site-scripting is not possible.</p>
446 not cache particular content.</p>
467 <p>Where possible, username and password should not be stored on the device.
474 {@link android.accounts.AccountManager} class to invoke a cloud-based service and do not store
479 before passing in any credentials, so that you do not inadvertently pass
506 recommend that you <em>not</em> implement your own cryptographic algorithms. Use
512 Use of a key that is not generated with a secure random
537 If your IPC mechanism is not intended for use by other applications, set the
542 within the same UID, or if you decide late in development that you do not
566 may not be delivered to all applications. If you are sending an intent that must be delivered
578 <p class="note"><strong>Note:</strong> Intent filters should not be considered
580 can be invoked with explicit intents and may not have data that would conform to the intent
595 <p>By default, services are not exported and cannot be invoked by any other
623 <p>We strongly encourage designing interfaces in a manner that does not require
625 {@link android.os.Messenger} objects are not declared within the
643 invocation may fail if you do not have permission to access the given service.
731 Android, the Dalvik VM is not a security boundary—the application sandbox is
738 and where you store it locally. Do not use dynamic class loading from sources
739 that are not verified, such as unsecured network sources or external storage,