I'm writing a small task management program in Java (not for mobile devices btw), and part of it was kind of a 'data service' to encapsulate and reuse database related code - such as connecting to different DBs, CRUD actions and stuff. The program itself should run offline, so I'm thinking of using SQLite for data storage. I'm aware that Hibernate does all that, but I'm a rather inexperienced dev yet and a friend who helps me with code reviews and some teaching recommended me writing such a module once, so I get a clue of what's going on behind the scenes before using Hibernate.
But back to topic. The data produced in this task management program is not highly sensitive, however, some protection would be fine. For that reason I was searching for ways to somehow protect/encrypt my SQLite database and encryption topics in general. The outcome was really confusing. There do exist some APIs that enable encryption for SQLite, but other sources stated that any offline database (with the password necessarily stored somewhere on the same machine) would be rather easily hackable if someone got control over the respective computer.
So my question is: is it generally safe/viable (at least for non-high end apps) to use offline databases? If so, what would be that best way to apply encryption? If not, why is it safer to use online databases - what are they doing differently?
The usual apologies if this has been asked before - I did search (honestly!), but couldn't find a really satisfying answer. Sorry if these questions sound stupid, but I haven't really come by security questions in my coding "career" yet and this is quite confusing in the beginning...