Regarding serialization

 
Ranch Hand
Posts: 203
Eclipse IDE Oracle Java
Hi,

Can anybody open and see the contents of the serialized file through a hex editor... are the serialized files in Java safe?
 
Saloon Keeper
Posts: 7573
176

Can anybody open and see the contents of the serialized file through a hex editor


You must have tried that and found that it's possible, as it is with any other kind of file.

are the serialized files in Java safe?


Serialization is not encryption. If you want the data to be safe, encrypt the data before writing it to disk.
 
Bartender
Posts: 6109
6
Android IntelliJ IDE Java

Saral Saxena wrote: Hi,

Can anybody open and see the contents of the serialized file through a hex editor... are the serialized files in Java safe?



You can see the contents of any file with a hex editor. The question is whether you can understand the contents of that file. For most binary files for most humans, the answer is "no". That's why we use programs that are written to understand specific binary formats, like MS Word, or an MP3 player, etc.

Java's serialized files are no different. You wouldn't be able to understand most of them with a hex editor, but all you need to interpret them and see what they contain is a Java program that does ObjectInputStream.readObject() and then a little reflection to pull out the values of the objects' fields.
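
The points made in the replies above, as an added example that is not part of the original posts: string field values sit verbatim in the serialized bytes, readObject() plus reflection lists every field, and encrypting the bytes before writing them hides the values. The Account class and its values are constructed for illustration, and key storage is left out.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.io.*;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

public class SerializedFileDemo {
    // Hypothetical class with constructed sample values.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String owner = "alice";
        private final String pin = "PIN-4921";
    }
    public static void main(String[] args) throws Exception {
        // 1. Serialize to bytes (what would be written to the file).
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Account());
        }
        byte[] plain = buf.toByteArray();
        System.out.println("plain contains PIN:  " + contains(plain, "PIN-4921"));

        // 2. No hex editor needed: readObject() plus reflection lists every field.
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(plain))) {
            Object o = in.readObject();
            for (Field f : o.getClass().getDeclaredFields()) {
                f.setAccessible(true);
                System.out.println("  " + f.getName() + " = " + f.get(o));
            }
        }

        // 3. Encrypt the serialized bytes with AES-GCM before writing them to disk.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();   // key storage is out of scope here
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);   // fresh IV per file, stored with it
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] sealed = c.doFinal(plain);
        System.out.println("sealed contains PIN: " + contains(sealed, "PIN-4921"));
    }
    // True if the ASCII text appears verbatim in the byte array.
    static boolean contains(byte[] data, String text) {
        return new String(data, StandardCharsets.ISO_8859_1).contains(text);
    }
}
```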
 