Foil Pics

Your rating: None Average: 4.8 (6 votes)

Foil Pics allows you to encrypt some pictures from the gallery with a password stronger than the lock code. Strictly speaking, each picture is encrypted with a unique random 256-bit AES key which in turn is encrypted with an RSA key which in turn is encrypted with your password. If the bad guys get your encrypted pictures, they would have to crack the AES key (different for each picture) or the RSA key (shared by all pictures but harder to crack) in order to extract the content. If they get the encrypted RSA key as well, then they can brute force your password. So in the end, the encryption is as strong as your password.

The format of the encrypted file is described here.

The RSA key is stored in ~/.local/share/foil/foil.key - you can copy it from one device to another. Using the same RSA key on different devices, protected with different passwords, is actually not such a bad idea. If you forget the password, you can use the backup key to decrypt the images, assuming that it has a different password that you still remember.

Source code:

Application versions: 
harbour-foilpics-1.0.2-5.1.armv7hl.rpm147.54 KB11/12/2017 - 20:26
harbour-foilpics-1.0.2-5.1.i486.rpm181.81 KB11/12/2017 - 20:26
harbour-foilpics-1.0.1-4.1.armv7hl.rpm144.45 KB10/12/2017 - 14:58
harbour-foilpics-1.0.1-4.1.i486.rpm178.56 KB10/12/2017 - 14:58
harbour-foilpics-1.0.0-3.1.armv7hl.rpm132.5 KB02/12/2017 - 19:54
harbour-foilpics-1.0.0-3.1.i486.rpm165.84 KB02/12/2017 - 19:54
  • 1.0.2
    - Navigation between images in fullscreen mode
    - Swedish translations
    - German translations
  • 1.0.1
    - Details page for encrypted and gallery images
    - Title of the encrypted image is editable (via details page)
    - French translations
  • 1.0.0
    - Initial version


Kelmi's picture

How I can brute force (or other way) my password when I forget password?

Maybe John the ripper is my friend.

This is little bit irrelevant to post here..

DarkTuring's picture

From pulley menu add share to SMS, Email, Android App




Upon sharing it will automstically decrypt and cooy paste into shared space.

slava's picture

I was thinking about it too but in the end I didn't feel comfortable with saving encrypted pictures somewhere in the unencrypted form (other than via Decrypt action).

Kabouik's picture

Ir's useful for those who use Sailfish since years and may have hundreds or thousands of pictures, and more than a few to protect. I would certainly use it!

Thanks for this app!

Kelmi's picture

I wonder why there is no "select pictures to encrypt" selection.. :P

slava's picture

I thought about that but it didn't seem particularly useful to me. But it's certainly doable.

slava's picture

Version 1.0.1 is identical to the Jolla store version (as is 1.0.0).

slava's picture

So is 1.0.2 and all upcoming versions until it's explicitely stated that OpenRepos and Jolla store versions have diverged.

jfebrer's picture

It would be great also for simple text files.

slava's picture

Foil Notes :) Hmm... why not?

cvp's picture

Thank you for the nice app!!

Are you planning to add support for videos as well?

slava's picture

Videos are significantly larger than images meaning that a) they don't fit entirely into RAM and b) decrypting the entire video would take considerable time. So they have to be somehow decrypted on the fly and fed into the video player, to avoid creating temporary files (readable by other processes). It's doable (e.g. by emulating some sort of a network stream) but it doesn't look like an easy task.

slava's picture

or alternatively, a decrypted video could be exposed via fuse filesystem, as a file available only to the current process. It's worth noting that in either case (fuse or network source emulation) decrypted data would have to pass through kernel, making it available for stracing by a sufficiently privileged process. That may not be acceptable to real paranoics :)

slava's picture

(continuing to talk to myself) Even though decrypted images never leave the app's address space, a real paranoic would still say that a sufficiently privileged process could read the app's memory and extract images from there. Oh well, there's no safe place in the world for real paranoics. This app is more about securing files in the internal storage than protecting against realtime hacking. If you have a rogue provileged process running on your phone, you are screwed anyway. So I guess either network emulation or a fuse file would be ok for the purposes of this app.

DarkTuring's picture


ferlanero's picture

An absolute must to to protect your privacy! Thanks!

TMavica's picture

Nice apps!

Kelmi's picture

Awesome, thank you! I really like this app for my xperia x. ;)

Caballlero's picture

Nice; thanks for this.

Bocephus's picture

Yes! This is an essential feature that was missing from SfOS. Thank you!

t0t3u's picture

Great job!

minitreintje's picture

Great idea! Installing as we speak :)

Erdrandbewohner's picture

Great! Works perfect. Thank you! :)

slava's picture

With a few hacks I managed to make it compatible with Jolla Store, so it should appear there too at some point.

slava's picture

Yep, it's there.

lkdhf's picture

Brilliant, thanks!