I want to develop actions for Google Home but would like to know whether user interacting with the device is the same person whose account is linked with my service. As my service will include confidential information and money transfer capabilities as well so don't want the device to be misused by someone to know confidential information or for transferring money. So is there any security measures for this in Google Home?
Right now, there is essentially no security from google home (except for prohibiting access to private information, like your calendar, altogether). Google Home does not recognize the voice of who's talking to it, so it won't tell the difference between you, your spouse or a thief.
There are rumors that voice recognition (different from speech recognition) might be added eventually, and handling of multiple user accounts. Even if that were the case, I doubt that provides enough security for something as sensitive as money transfers. Obviously, you could implement your own security layer, though. (E.g., ask for a pass phrase before executing a transaction. This should probably use one-time use passwords / tokens, though, so that anyone who overhears the phrase won't be able to use it.)
Related
I hope you can help me with a problem:
I want to create a web application that requests user data from a Google Home device. I then want to create an interface that summarizes all this data and shows convenient data analytics to the user. For example: How many times I switched a light on during a week, or what music I'm listening to, or which light are on or off at a certain moment.
The problem is that I have no idea where to begin, I've been searching through Google and stackoverflow without avail. I came across a site called home-assistant.io, but that seems to be a program that consists of different modules and has the Google assistant "on the side" instead of using the Google assistant to gather the data.
So I guess it boils down to is it possible to use the Google Home to gather usage statistics, or isn't that possible (yet)?
In short - it isn't.
Users can see what they've done using their Google account, including through the Assistant, using https://myactivity.google.com.
However, third-party developers have no access to on-device activity, no access to the content at myactivity.google.com, and no way to intercept or view what a user is doing using the Assistant. In short - no way to gather statistics outside of their own, specific, Action.
There are lots of reasons this isn't allowed, but probably the biggest is security and privacy. Google gets a lot of criticism for collecting this information, and would probably get even more if it was possible for those outside Google to get it as well. (Google also has a business reason for limiting outside access to this information, admittedly.)
my app has passed the first review (yay) - but has now been passed to Allion for 'hardware review'.
The issue is that I am not providing hardware, i've provided voice interactions for an open source HA system, which in turn can support 00s of device types.
The Amazon review process was happy for me to provide them credentials to my service, which had access to a subset of device types, to then QA the interactions.
Is this normal for the review process?
Thus far many of the supported services have been direct hardware partners who own their own hardware and cloud. If your integration is done in a slightly different way it may require special instructions to your reviewer that may be different from normal.
I have had further comment from Google. Unless I can provide 1 of every type of physical device that the underlying HA system supports, they will not review, or certify my app. What this tells me is that either Google aren't committed to small SaaS providers & HA enthusiasts, or that this comment is not true. I note that there are several equivalent services listed on Smart home app list, which do exactly the same thing as mine. I rather doubt they provided one of every manufacturers zwave switch/light etc etc. Very disappointing, Amazon have a more welcoming approach –
Recently we developed and published a mobile banking app on the app store, for a big banking organization. The bank hired a security firm to perform ethical hacking over the app to see if it, in anyways compromises confidential data.
We recently received the hacking report from the firm, which in-spite of saying that no serious security issues are present, contains a list of all the class files, method names and the assembly code of the project.
Now the client insists that we fix these security loop holes and republish the app. However we don't have any idea how did they manage to get all these details from the application's IPA. I searched this over SO and found a particular post mentioning this link, which states that you can't save your app from being hacked.
Please help me how to fix these security vulnerabilities , or if not possible, how to convince the client.
Edit:
Recently came across this page. Seems like EnsureIT from Arxan can prevent app IPAs from reverse engineering. Anyone experienced with this?
There's always a risk involved. Even if you don't introduce vulnerabilities yourself, the platform may allow for exploits which in the end may offer an entry point for a malicious attacker.
As to your question: It is not safe to assume that a hardcoded URL, even if obfuscated beyond belief, can't be peeled out of your product. Always design your apps such that safety of user data is guaranteed (as far as possible) even if built in ressources get compromised. If the knowledge of that URL alone poses a security threat, then your whole approach and your clients API is inherently insecure. Remember that such information could possibly be captured by a man-in-the-middle attack (and other modes of attack) as well.
Avoid security by obscurity. Store sensitive data only on disk if it is necessary. As a rule don't allow PIN / TAN storage.
Some thoughts which may (or may not) convince your client that your app is as safe as it can be:
As long as the app runs on a non-jailbroken device, it is unlikely that an attacker, even with knowledge of your apps internals is able to get to any user data, because the iPhone normally doesn't offer opportunities to interfer with your app
If the attacker is able to get to your users data, and provided you have been protecting that data with all means available under iOS (-> keychain -> crypto chip ->...), then it's not your fault. It means the device is either jailbroken or there are vulnerabilities to the system itself which have been exploited, you just can't do anything about either possibility.
It is impossible to prevent reverse engineering of your app. Even if you had put more effort into obfuscation, an attacker with strong motivation would still be able to get what he wants. Your client needs to get used to this as it's a fact.
Other platforms suffer from similar vulnerabilities, yet on the iPhone at least you have a somewhat closed environment and a reduced risk of being attacked with trojans and the like.
The governments and security firms get hacked on a regular basis, although they should now how to protect themselves. This means life is inherently insecure, cope with it.
I was recently researching over this and I found this article helpful, especially the part quoted:
The code for a native app is stored in the form of a binary executable file, which is further encrypted; its decryption is performed only when the executable file is loaded by the processor into the random access memory and the whole decryption process happens at the hardware level. That is why it is very hard to create offline decryption tools. The only way to decrypt encrypted binary data is on a jailbroken device with a few special tools installed.
Security in iOS: Protecting .ipa File Content by Stoyan Stoyanov
I've searched the web for this bit to no avail - I Hope some one can point me in the right direction. I'm happy to look things up, but its knowing where to start.
I am creating an iPhone app which takes content updates from a webserver and will also push feedback there. Whilst the content is obviously available via the app, I don't want the source address to be discovered and published my some unhelpful person so that it all becomes freely available.
I'm therefore looking at placing it in a mySQL database and possibly writing some PHP routines to provide access to my http(s) requests. That's all pretty new to me but I can probably do it. However, I'm not sure where to start with the security question. Something simple and straightforward would be great. Also, any guidance on whether to stick with the XML parser I currently have or to switch to JSON would be much appreciated.
The content consists of straightforward data but also html and images.
Doing exactly what you want (prevent users from 'unauthorized' apps to get access to this data') is rather difficult because at the end of the day, any access codes and/or URLs will be stored in your app for someone to dig up and exploit.
If you can, consider authenticating against the USER not the App. So that even if there is a 3rd party app created that can access this data from where ever you store it, you can still disable it on a per-user basis.
Like everything in the field of Information Security, you have to consider the cost-benefit. You need to weigh-up the value of your data vs. the cost of your security both in terms of actual development cost and the cost of protecting it as well as the cost of inconveniencing users to the point that you can't sell your data at all.
Good luck!
I want to know if there is a possibility to add a team member in iPhone Developer Portal that will have permissions (see / modify / update) ONLY to one application.
The reason - there is a big company (that has many applications in the App Store) that uploaded one of my applications and I have hard time to send an update to the application (can't access the guy that is responsible for all the iPhone applications).
I want to ask them to add me as a team member, but they might agree only if I won't be able to see/touch any other application except the one that I have developed...
Thank you.
I don't believe this is possible; there are no per-app permissions.
The available "roles" are explained here:
http://developer.apple.com/programs/roles/index.php
It seems a bit odd if they trust you to write an application that they've published under their corporate identity, but don't trust that you'll only change what you're meant to. Either way is seems the only solution to your problem is likely to be a non-technical one; you need to find a way to get to that guy, whether it's appealing to his better nature, or finding a path to someone more senior who can lean on him.