I have developed an iPad application and I have distributed that application to my clients. Now my clients ask what will happen if their iPad lost or stolen. My iPad application has very sensitive data. So they need to wipe out remotely if iPad is stolen or lost.
I found two solutions.
One is configure 'Find My iPad' in each iPad with same apple account.
Second one is configuring MDM server with push notifications.
If I'm going to configure MDM server I need to contact third party vendor who supports push notifications service of apple or I need to buy Lion Server and configure profile Manager.
Can some one tell me what is the best solution to implement and pros and cons of these two options.
Push notifications won't help you here - they only will pop up a message to the user, you cannot influence the app from them.
Possible solutions:
Protect your app with username / password: Each user should choose a username and password, store those in the keychain and check on app start. Of course you should also encrypt all data with the password when storing it to the device.
Like said above, implement a server request which gets the unique id of the installed app (of course you'd have to create one first on first app startup), returns whether the app is reported as stolen and then either do nothing or delete all data. I'd be careful about deleting though in case there was an error somewhere in your implementation and you wipe out a 'normal' application's data. Also in this case I'd encrypt any sensitive data that is stored to the device. This solution also won't work when the app is offline, of course.
Just make a web service and get response from server, and after getting response , run your application otherwise kill.
if(stolen)
exit(0);
else
run
Related
I want to create an application which will be notified by server for new events. (lets say I have a shop and I need to inform all my iPhone users for my sales or something like this) Users who will download my application and run it and then put it in background wil have to be notified by this. Im quite new to iOS and Objective-C but if im not wrong this could be done via apple push notifications. Ive been reading about this and found out there are some providers that let you send this notifications. My question is, are there ways to create your own notification "center" in lets say c# and send notifications to iPhone-s by yourself, also if this could not be done are there any free providers?
and another thing. In objective-c app you have to subscribe your app to listen to that kind of events. Could you create app in phonegap or some other technologies so it will work with notifications? could you lets say embeed your app in objective-c (like web app in objective-c)
For sure you can do your own C# program that will push APNs to your clients (in fact I did that myself in many apps). What you have to understand is that the architecture of APN has 2 critical facts:
APNs are best effort, so no guarantee that they will reach every time.
APNs can not hold a lot of information with them when they reach your client (they have a limited number of bits, refer to the Apple documentation).
Due to these facts you might need to have your own server application (also could be in C#) that will handle sending the real information to the clients and will make sure that the data reached your client as well. Needless to say, this server application should sit and run on a real server. Maybe due to this fact some developers start looking for a third party solution, but personally I prefer not to use a third party and I do everything myself.
Other than having your own server application, your iPhone app will need to have some sort of database (probably SQLite3) to store the received news and display them later on.
EDIT: Answer of your questions in the comments below:
For the first question "why iPhone app must have sql db". In fact it is not a must, as I said in my answer above, it is probable or a possibility. To know if you will need a database or not this depends on the nature of your app itself. For example you might be pushing text and images to your clients and in that case you can not fit such data in the payload of the APN. Another possibility, you might want not to lose the sent notification even if the user discarded the APN message, you might want to show it again when he opens the app later on... So the nature of the app decides whether you will need a server or not.
For the second question "you said you dont need to send notification via third party", let me clarify something in my answer. As an Apple developer I don't consider Apple servers as third party. Put differently, the real APN will only be sent via Apple servers and we can not change this fact (nor do we want to change it too). So at the end of the day the real APN will be sent to Apple servers and Apple servers will work on delivering it to the actual client. What I consider a third party is someone that has his own server, you send the message you want to him, and then he sends it to Apple servers. In that case there is someone between you and the Appl APN servers and this is what I called a third party, and this third party can be avoided as your C# code can directly connect to the Apple APN servers and ask it to send the message to the client. I hope I clarified my point.
Yes, you can use APNS with the phonegap application: Receiving push notification on PhoneGap for iOS
Regarding the server, there is another option for you besides doing everything from scratch. You can use the third-party server via API, seems that pushwoosh (http://pushwoosh.com) guys offer this option (and they provide phonegap integration as well)
Just to start I, I want to say I have read the this tutorial: http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
After reading it, had a few questions about push notifications... my main questions is, is a server required.
I have made an app that has informational content for my business... however every week/month or whenever I choose, I want to be able to push a message to all the user who have downloaded my app (every device would receive the same message).
Preferably, the way I would want to create and send the notifications... is through a separate app that I, the developer only has.
Now back to my question, would I need to get a server to do this?
There are a lot of free Push Notification servers - for example QuickBlox
You don't need any server code, QuickBlox already wrote all for you.
Just look at Push Notifications iOS sample - This sample enables you to send notifications and alerts to users at any time through an API or easy-to-use admin panel.
Just download it, move some code from it to your app - and enjoy it.
We use a framework called Parse that let's us send broadcast pushes to all users. You don't need to maintain a server (they do it for you). It's free for under 5 million queries a month.
No you dont need a server, you can simply create your own application that connects to the apple push notification server but you have to ensure you use the required develop/publish certificate for the ssl connection, you can see that on the tutorial you read in the "Making a PEM file" secction. He is connecting directly from his mac to the servers, it fails without the certificate but it doesnt with it.
See here:
As I’ve mentioned a few times before, you need to set up a server that
sends the push notifications to your app. For this first test, we’re
not going to set up a server just yet. Instead, I’ll give you a very
simple PHP script that sets up a connection to APNS and sends a push
notification to a device token that you specify. You can run this
straight from your Mac.
You can make your program set up a connection like that.
Is there any good advice on uploading files to the device? I've seen many apps create a http server on 80 or 8080 to upload files. Does that mean I have to implement a server too?
Are there any 3rd-party libraries? (Preferably open-source and non-GPL)
EDIT: I am going to upgrade files in the app for specific devices in a corporate environment, so the ipad pulling files from a central server is also an alternative. But I would have to send messages to these ipads to tell them to fetch those files.
But I would have to send messages to
these ipads to tell them to fetch
those files.
Push Notification Programming Guide
Or mail with custom URL scheme for launching your application.
iOS Application Programming Guide - Implementing Custom URL Schemes
I assume what you want is a kind of automatic update. An app do something by order from server without user's manual operation.
I don't know enterprise-license specific feature of iOS. But I believe there's no such enterprise-specific APIs. And as I know, automatic update is almost impossible. Because,
There is no system-level support for automatic update. (yet?)
So messaging and fetching feature should be implemented in app.
But no app is guaranteed to run in background for long time.
And also user can turn off any app at any time.
There is no way to send message to an app which is not running.
Even you can send, there is no way to address each client form the server.
If your app is running, sending message or commanding them to fetch or do anything is just a simple work. The problem is there is no regular way to force them always keep alive. Even under situations like OS reboot or abnormal termination.
However there is an alternative. Just registering app as VOIP app like Skype. OS does not keep the app running too, but will monitor specific socket port, and will wake your app when the socket receives some message. For more details, see here: http://developer.apple.com/library/ios/documentation/iphone/conceptual/iphoneosprogrammingguide/BackgroundExecution/BackgroundExecution.html#//apple_ref/doc/uid/TP40007072-CH5-SW15
In AppStore, an app using VOIP for other purpose like automatic update will not be passed, but you have no need to concern about it.
And other way to send message to device without running app is push notification. This is a feature supported in system-level. But this is not designed to commanding app. This is designed to send textual message. So If your app is not running, the message will be displayed to user. However, you can guide the user to start the app by sending push notification.
As a final option, you can request some feature to Apple for enterprise environment. If your company is big enough to get an enterprise license, Apple will consider your feature request seriously.
If you decided to use VOIP method, I'm sorry I can't help you any more. I have no experience of implementing this kind of app. But it should not so hard.
However hard part is server. It definitely require custom server program which keeps TCP/IP connection. Regular HTTP server cannot be used. Because HTTP itself is designed as not to keep TCP/IP connection. You have to build this kind of server yourself from scratch. You'll have to handle lower level TCP/IP transmissions.
There are a few solutions(both of free/commercial) for this kind of server, but none of are popular because this kind of server regularly needs full customization. So there's nothing to re-use or share.
However I believe this is most suitable implementation for your app.
If you can satisfy automatic update only when the app is running, you can archive it by polling server status from the client periodically.
This is easy to implement because you can use regular HTTP servers for this. Client connect and download recent updates from central server periodically. If there is a new update, just fetch and do what you want. And the app is launched, just check the update at first. Prevent all operation until update applied.
This is regular way. Most of applications are built with this method. In this case, you have no need to implement server or hard thing.
However applying speed of update is depend on polling period.
(Edit)
I couldn't care about private APIs. Because your app is not for AppStore, so you can use private API's freely. (This is different thing with jail-breaking. There are so many hidden features by excluded from documentation) I don't know about private APIs, but it's possible there is some API which enable the support for keep-alive of the app.
However, this reverse engineering work is so painful unless you're born to hack.
You may try to use the following open-source in your project:
http://code.google.com/p/cocoahttpserver/
https://github.com/robin/cocoa-web-resource/wiki
Apple has some sample code on their website that details exactly what you're looking for:
http://developer.apple.com/library/mac/samplecode/CocoaHTTPServer/CocoaHTTPServer.zip
So you have a couple options:
You could distribute your app wirelessly within your organization and push new content out as app updates. Apple provides this option to their Enterprise Developers.
Wireless App Distribution
iPhone enables enterprises to securely host and wirelessly distribute in-house apps to employees over Wi-Fi and 3G. Apps can be updated without requiring users to connect to their computers. In-house apps can be hosted on any web server accessible to users. Users simply tap on a URL to install apps wirelessly without needing to connect to their computers.
The alternative is you configure the app to fetch the updated data. You describe adding an HTTP server to the iOS device, but there's no way the server can receive data when the app isn't running. Given your needs, it would probably work better to embed a web client in your app instead.
If I was in your shoes (and option #1 didn't work), I'd use ASIHTTPRequest to check with a server at launch/daily. If there are new updates, the app could then either prompt the user that there are new data files to download, or it could just silently download them in a background thread.
UPDATED: Perhaps I should have been more explicit about how to do #2. You can configure the download so it isn't interrupted when the user quits the app (you don't need to do a Voip hack). Check out the Completing a Finite Length Task in the Background section in the iOS Programming Guide.
There are http server sample codes from Apple and open source community such as cocoahttpserver TouchHTTPD.
You can upload file to the http server on iphone.
Here's a blog and screen-shots about running cocoahttpserver and upload file to iphone.
The Python CGIHTTPServer allows you to create a server in 0 lines of code:
jcomeau#intrepid:~/rentacoder/bin2txt$ python -m CGIHTTPServer
Serving HTTP on 0.0.0.0 port 8000 ...
Actually implementing a script to parse the input and save the file would take a little more effort.
[later]
OK, so forget about that, Apple doesn't allow it. See Local server on iPad for the iPad at least.
How does Apple do polling of a phone's location remotely? Is there any API that allows an app developer to do the same with the SDK?
My guess is that they are private, undocumented and probably un-callable api's.
I couldn't imagine the huge security implications of having an external party/app be about to poll a phone location without the users consent.
An iOS device already maintains a connection to one of Apple's push servers if push is enabled, and the server has to know the device on the end of the connection (to determine the push notifications to deliver to it). The easiest way to build on this is to have the server say "tell me where you are!" as a push notification.
The device also hits Apple's servers for other reasons (App Store updates, captive login page detection), but it's less likely that the server can identify the device in these cases.
That said, you can do this with the user's consent:
Make your app a background "voip" app (<key>UIBackgroundModes</key><array><string>voip</string></array> I think)
At app launch, check that you can retrieve the current location (I'm not sure what happens if you do this while your app is backgrounded).
Maintain a "voip" connection to your server.
When the server asks the device for its location, ask Core Location for the location again and send it to the server. (I think you also need either "location" in UIBackgroundModes or you need to keep the connection active, possibly in both directions; the former may be easier.)
You won't be able to stop the "location services" icon from appearing in the status bar. The usual multitasking caveats also apply (your app can be killed if the phone runs out of memory; "voip" causes your app to be relaunched sometime later though).
I'm pretty sure if you do the "voip trick" your app will be refused from the store. It is only allowed if your app is actually a VOIP app, not just using it as a technique to circumvent background processing restrictions.
My iPhone app consumes a Java web service in order to get data. At my company we have 3 environments - development, testing, production. Each environment's URL, that points to the web service, is different. Thus, each time we promote the project to the next environment I must change the hard-coded URL in the iPhone code to match that of the targeted environment. Has anyone devised a strategy to handle this either on the iPhone itself or in the service layer?
Try storing the variable part of the URL in your app's info.plist file. You can change that w/o rebuilding.
If more config changes are needed, VCS branching may be what you need.
You might consider the following approach:
When you start up your app, or rather when you have established that a network connection is possible, you send your device id to the server.
The server checks your device id against a list and tells your app whether the user talking to the server is allowed to see development and testing content.
If your device is allowed to, you provide an interface for the user to change whether they want to see development, testing or production content. Store that in NSUserDefaults
Depending on user choice, the corresponding url is used to talk to your server. To be sure, you can include your device id check here, too.
This approach has the benefit that you can allow clients to see testing content... without ever having to update or change their app. And you can revoke that permission anytime.