Bullshit or not? It has some interesting elements to it, and would be a step in the right direction for more-secure app content storage. Though at its base, it has some conceptual flaws. If you root the device, you can get the private key. By design, there's no way to put the key on external media (there's only one external microSD slot, and that contains your encrypted files). Files could be cached once decrypted. And of course it doesn't prevent a Finfisher-style screenshot-taking backdoor from just viewing what's displayed on the screen. That's not going into the quality of encryption (which remains to be seen). Conceal uses a stripped-down version of OpenSSL for its encryption algorithms. Still, could be fun. =) ~Griffin https://code.facebook.com/posts/1419122541659395/introducing-conceal-efficie... "Caching and storage are tricky problems for mobile developers because they directly impact performance and data usage on a mobile device. Caching helps developers speed up their apps and reduce network costs for the device owner by storing information directly on the phone for later access. However, internal storage capacity on Android phones is often limited, especially with lower to mid range phone models. A common solution for Android is to store some data on an expandable SD card to mitigate the storage cost. What many people don't realize is that Android's privacy model treats the SD card storage as a publicly accessible directory. This allows data to be read by any app (with the right permissions). Thus, external storage is normally not a good place to store private information. We saw an opportunity to do things better and decided to encrypt the private data that we stored on the SD card so that it would not be accessible to other apps. To do this efficiently, we built Conceal, a set of Java APIs to perform cryptography on Android and make storage more secure and lightweight. We created Conceal to be small and faster than existing Java crypto libraries on Android while using memory responsibly."