Regarding serialization

 
Ranch Hand
Posts: 203
Eclipse IDE Oracle Java
Hi,

Can anybody open and see the contents of the serialized file through a hex editor... are the serialized files in Java safe?
 
Bartender
Posts: 7645
178

Can anybody open and see the contents of the serialized file through a hex editor


You must have tried that and found that it's possible, as it is with any other kind of file.

are the serialized files in Java safe?


Serialization is not encryption. If you want the data to be safe, encrypt the data before writing it to disk.
 
Bartender
Posts: 6109
6
Android IntelliJ IDE Java

Saral Saxena wrote: Hi,

Can anybody open and see the contents of the serialized file through a hex editor... are the serialized files in Java safe?



You can see the contents of any file with a hex editor. The question is whether you can understand the contents of that file. For most binary files for most humans, the answer is "no". That's why we use programs that are written to understand specific binary formats, like MS Word, or an MP3 player, etc.

Java's serialized files are no different. You wouldn't be able to understand most of them with a hex editor, but all you need to interpret them and see what they contain is a Java program that does ObjectInputStream.readObject() and then a little reflection to pull out the values of the objects' fields.
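The two replies above can be checked with a short program. This is an added example, not code from any poster in the thread; the `Account` class, its field names and its values are hypothetical and constructed for the demonstration. It serializes an object, searches the raw bytes for a field value the way a hex editor's text pane would expose it, then reads the object back with `ObjectInputStream.readObject()` and reflection.

```java
import java.io.*;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.nio.charset.StandardCharsets;

public class SerializedFileInspection {
    // Hypothetical class; all values are constructed for this example.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        private String user = "alice";
        private String apiToken = "constructed-token-123";
        private transient String sessionKey = "never-written"; // skipped by serialization
    }

    // True if the ASCII text occurs in the raw bytes, as a hex editor's text pane would show it.
    static boolean containsAscii(byte[] data, String text) {
        byte[] needle = text.getBytes(StandardCharsets.US_ASCII);
        outer:
        for (int i = 0; i + needle.length <= data.length; i++) {
            for (int j = 0; j < needle.length; j++) {
                if (data[i + j] != needle[j]) continue outer;
            }
            return true;
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Account());
        }
        byte[] raw = buf.toByteArray(); // same bytes a .ser file on disk would hold
        // String values are written as plain text, so a byte search finds them.
        System.out.println("apiToken in raw bytes:   " + containsAscii(raw, "constructed-token-123"));
        System.out.println("sessionKey in raw bytes: " + containsAscii(raw, "never-written"));

        // readObject() plus reflection lists every instance field, private or not.
        Object obj;
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(raw))) {
            obj = in.readObject();
        }
        for (Field f : obj.getClass().getDeclaredFields()) {
            if (Modifier.isStatic(f.getModifiers())) continue;
            f.setAccessible(true);
            System.out.println(f.getName() + " = " + f.get(obj));
        }
    }
}
```

Marking a field `transient` keeps it out of the file, and `private` gives no protection once the bytes are on disk. Anything that must be stored and stay confidential has to be encrypted before it is written, as the earlier reply says.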
 