Can any body open and see the contents of the serialized file through Hex editor ...are the serialize files in java are safe ..?
Tim Moores
Rancher
Joined: Sep 21, 2011
Posts: 2329
posted
0
Can any body open and see the contents of the serialized file through Hex editor
You must have tried that and found that it's possible, as it is with any other kind of file.
are the serialize files in java are safe ..?
Serialization is not an encryption. If you want the data to be safe, encrypt the data before writing it to disk.
Jeff Verdegan
Bartender
Joined: Jan 03, 2004
Posts: 3133
posted
0
Saral Saxena wrote:Hi ,
Can any body open and see the contents of the serialized file through Hex editor ...are the serialize files in java are safe ..?
You can see the contents of any file with a hex editor. The question is whether you can understand the contents of that file. For most binary files for most humans, the answer is "no". That's we we use programs that are written to understand specific binary formats, like MS Word, or an MP3 player, etc.
Java's serialized files are no different. You wouldn't be able to understand most of them with a hex editor, but all you need to interpret them and see what they contain is a Java program that does ObjectInputStream.readObject() and then a little reflection to pull out the values of the objects' fields.
0
