here is the things: there are some data sensitive which be stored in the device using NSCoding serialization.
I'd like to know is there a way the other people can find the key and unarchived the serialized object file to get data?
Thanks for help.
It is not safe to store sensitive data just using NSCoding. The NSCoded values are not encrypted in any way - you don't even need to know the keys - you can just look at a stored file directly and easily see the values if they are strings.
Sensitive data (particularly API access keys that provide privileged access to back-end web services or financial information) ideally should not be kept on the client device at all. Even when encrypted. In the extreme case, a black hat who has your app installed on their device can mount a man-in-the-middle attack and snoop on your internet traffic with your server. Instead you should a device-specific token approach if concerned about security so you can revoke a token if necessary without affecting other users.
If really concerned, you should look at two factor authentication in addition to the token.
Here is an intro for further reading.
It depends. Each application is given its own 'sandbox' on the filesystem. On a device that has not been jailbroken, an app cannot look outside of its own sandbox. However, when a user connects their device to a Mac or PC, it is possible to use utility applications such as iExplorer (http://www.macroplant.com/iexplorer/) to access the sandbox of each app on their device.
Related
is the data stored on an iPad/iPhone encrypted?
I assume that the iPad/iPhone has an advanced pass code (not just the 4-digit code).
So my question is if data that my custom app stores in the device is encrypted or not (if no special methods are taken in the source code of the app). Would an attacker be able to read the data? What if he jailbreaks the device?
Thanks!
The answer is no if you don't apply any encrypting technique on it. You can try to use iExplorer to browse all the sandboxes of your device's applications. You may get surprised about the security of many apps out there.
I am just starting getting familiar with security in iOS, but from what I read and understood from Apple's IOS Security whitepaper, files are encrypted by per file encryption keys and those are encrypted by class keys assigned by the application that owns the files (which are sandboxed with the application). And then, the files access depends on the protection policy you assigned in your application.
However, from this answer, it is unclear if the encryption is always on, or just when the device if off or unlocked.
In any case, the above applies from non jailbreaked systems (not sure if they do for jailbreaked ones as well).
For example, is it possible the storage container key in the entitlements dictionary would accept "*" or "/", allowing me to access any and all data in that user's iCloud?
I am not worried about getting this app accepted into the app store.
No.
And, even if you could, there wouldn't be any way to enumerate that data. -[NSFileManager URLForUbiquityContainerIdentifier:] and friends require you to know the containers you want to access. (You can pass nil, but that just returns the first container you have access to, not some parent of all containers.)
And this is intentional. The public APIs aren't meant to let your app interfere with other apps' storage (except for related apps that share a team), for pretty good reasons. You may want to read iCloud Storage in Mac App Programming Guide (which doesn't require a paid membership to access).
So, how does the iCloud preference pane do it? Well, that's a secret. Presumably it either uses private APIs, or just talks to the iCloud web service directly in a way that the APIs can't. You could presumably reverse-engineer it, but that's the only way you'll be able to do this.
According to Apple documentation and other documentation I have read about on disk encryption on an iOS device, it seems that in order to take advantage of the advanced encryption of the device the user must have a passcode enabled so that when you use the NSDataWritingFileProtectionComplete attribute it will encrypt.
What if the user does not have a passcode set but I still want to ensure the files are encrypted? What options are there for this scenario?
Thanks!
Flea
iOS includes several APIs for encrypting data. The automatic on-disk encryption is a user-selected option that lets the user encrypt all the data written to the device's secondary storage. If you need your data to be encrypted whether or not the user chooses to turn on that option, encrypt the data yourself using one of the options provided.
Unless you really know what you're doing (and even if you think you do, you probably don't), it's generally a better idea to use the provided APIs which you can expect to have been written and reviewed by experts.
If you plan to distribute your app outside the US, and you use encryption, you will have to comply with the US Bureau of Commerce restrictions. If you use Apple's provided APIs and you are only using encryption to protect your content, you will be able to distribute your app internationally (according to Apple's iTunesConnect FAQ.)
However, if you write the encryption yourself you will have to go through a review process with the US government.
I've written more than one app that encrypts content on a server so it can be protected even after it has been downloaded to the device.
Even Apple's encryption doesn't prevent someone from making an unencrypted backup or mounting the device as a filesystem and taking the media files your app might have downloaded.
So, to protect your content you must encrypt it yourself. And, you must only decrypt it in ram and never as a temporary file in flash memory (which could be copied off the device.) This makes serving encrypted movies and PDFs a bit challenging. I use a decrypting web server thread; however, there are more modern approaches including a file-level delegate approach that might work better.
If I use SSL connection for my iphone app to query the database using web as the datasource, is it possible that the links and info that goes back and forth from the server to iphone will be encrypted in a way that nobody could see it. Additionally, i believe that the iPhone caches info, the web interface can cache data going to and from the device.
By another person i was told this:
SSL is only the transfer, what the app uses on the device is not encrypted just because what is transferred is. If the app uses no cache and you use SSL, you could be safe, the simple fact is that almost all apps cache data prior to transmitting it. Therefore, you would have unencrypted data on your device.
So what are my options if i want to build an app that uses the web as the datasource, stores nothing on the app, and uses no cache. I want all data coming from and to to be encrypted.
At some point, you're going to receive data from a server. That data needs to be put somewhere, like in a data buffer. There's absolutely no way around that. If you're using SSL then the transfer process will be encrypted. As your "other person" said, as long as you don't explicitly cache the data, then that's about as much as you can do to protect yourself on iOS.
I'm not sure exactly what you're expecting here, otherwise.
None. To do anything except transferring the data, you need to have it decrypted. If it is decrypted it will be in the RAM of your device. How secure that is depends on the application. In theory there are some operations that can be performed on encrypted data, but in practice this is only useful for a handful of applications (and it's a hard thing to develop).
Is storing secret keys (internal use passwords and such) on iPhone source code and project resources (such as plist files) secure?
Obviously nothing is 100% secure, but can this information be extracted easily from an installed app?
How do you recommend storing these keys to use them in the source code?
Just in case, this question is not about storing user passwords.
Found basically the same question with a longer discussion:
How would you keep secret data secret in an iPhone application?
To sump up: it seems there's no official way to securely store secret keys in the app binary.
Sorry for posting a duplicate question.
A lot depends on what you mean by secure. For normal device use it could be considered secure in that there is no way for a user to access it. However all bets are off for a jail-broken device which has complete access to the filesystem. So viewing a plist file in your application bundle is trivial on a jail-broken phone.
You might consider the use of the keychain which in theory would be safer and also has the advantage that the data will survive a reinstallation of your app. As before on a jail broken device nothing can be considered to be 100% secure but it depends how much trouble you want to go to.