I think the author is overreact / grandstand, it's not fair to say this app encrypted nothing - I decompiled the code and found it at least does encrypted the SMS/Call logs data, using AES. Secondly,maybe only XOR the front 128bit for video/image files is not secure enough, but anyone who has a brain knows that, considering the computing power of most Android phone, using strong algorithm to encrypt a whole media(e.g. video) file is hardly realistic, even unwise -- unless you can tolerate a long decrypting decrypting process before playing a video.
BTW, I read through the description of Vault Google Play page, there is nothing says it sales the ability of encrypt data, it just claims to "Hide some xxx on your phone" -- for that purpose XOR is enough
Don't most popular video formats essentially store certain frames as complete images, and then store frame to frame differences to cover the video between frames?
If so, I wonder how effective it would be to encrypt just the complete frames, leaving the frame differences for the in between frames unencrypted?
That would not be very semantically secure; while you could not see exactly what the original image was, you could still make out the movement. That would sort of be the analog of the ECB penguin on moving pictures.
