If I use SSL connection for my iphone app to query the database using web as the datasource, is it possible that the links and info that goes back and forth from the server to iphone will be encrypted in a way that nobody could see it. Additionally, i believe that the iPhone caches info, the web interface can cache data going to and from the device.
By another person i was told this:
SSL is only the transfer, what the app uses on the device is not encrypted just because what is transferred is. If the app uses no cache and you use SSL, you could be safe, the simple fact is that almost all apps cache data prior to transmitting it. Therefore, you would have unencrypted data on your device.
So what are my options if i want to build an app that uses the web as the datasource, stores nothing on the app, and uses no cache. I want all data coming from and to to be encrypted.
At some point, you're going to receive data from a server. That data needs to be put somewhere, like in a data buffer. There's absolutely no way around that. If you're using SSL then the transfer process will be encrypted. As your "other person" said, as long as you don't explicitly cache the data, then that's about as much as you can do to protect yourself on iOS.
I'm not sure exactly what you're expecting here, otherwise.
None. To do anything except transferring the data, you need to have it decrypted. If it is decrypted it will be in the RAM of your device. How secure that is depends on the application. In theory there are some operations that can be performed on encrypted data, but in practice this is only useful for a handful of applications (and it's a hard thing to develop).
Related
here is the things: there are some data sensitive which be stored in the device using NSCoding serialization.
I'd like to know is there a way the other people can find the key and unarchived the serialized object file to get data?
Thanks for help.
It is not safe to store sensitive data just using NSCoding. The NSCoded values are not encrypted in any way - you don't even need to know the keys - you can just look at a stored file directly and easily see the values if they are strings.
Sensitive data (particularly API access keys that provide privileged access to back-end web services or financial information) ideally should not be kept on the client device at all. Even when encrypted. In the extreme case, a black hat who has your app installed on their device can mount a man-in-the-middle attack and snoop on your internet traffic with your server. Instead you should a device-specific token approach if concerned about security so you can revoke a token if necessary without affecting other users.
If really concerned, you should look at two factor authentication in addition to the token.
Here is an intro for further reading.
It depends. Each application is given its own 'sandbox' on the filesystem. On a device that has not been jailbroken, an app cannot look outside of its own sandbox. However, when a user connects their device to a Mac or PC, it is possible to use utility applications such as iExplorer (http://www.macroplant.com/iexplorer/) to access the sandbox of each app on their device.
According to Apple documentation and other documentation I have read about on disk encryption on an iOS device, it seems that in order to take advantage of the advanced encryption of the device the user must have a passcode enabled so that when you use the NSDataWritingFileProtectionComplete attribute it will encrypt.
What if the user does not have a passcode set but I still want to ensure the files are encrypted? What options are there for this scenario?
Thanks!
Flea
iOS includes several APIs for encrypting data. The automatic on-disk encryption is a user-selected option that lets the user encrypt all the data written to the device's secondary storage. If you need your data to be encrypted whether or not the user chooses to turn on that option, encrypt the data yourself using one of the options provided.
Unless you really know what you're doing (and even if you think you do, you probably don't), it's generally a better idea to use the provided APIs which you can expect to have been written and reviewed by experts.
If you plan to distribute your app outside the US, and you use encryption, you will have to comply with the US Bureau of Commerce restrictions. If you use Apple's provided APIs and you are only using encryption to protect your content, you will be able to distribute your app internationally (according to Apple's iTunesConnect FAQ.)
However, if you write the encryption yourself you will have to go through a review process with the US government.
I've written more than one app that encrypts content on a server so it can be protected even after it has been downloaded to the device.
Even Apple's encryption doesn't prevent someone from making an unencrypted backup or mounting the device as a filesystem and taking the media files your app might have downloaded.
So, to protect your content you must encrypt it yourself. And, you must only decrypt it in ram and never as a temporary file in flash memory (which could be copied off the device.) This makes serving encrypted movies and PDFs a bit challenging. I use a decrypting web server thread; however, there are more modern approaches including a file-level delegate approach that might work better.
I am developing my first iPhone application and currently considering whether to deploy the app packaged with data, instead of calling upon a web service for the info. The obvious benefits are for those situations where you have a poor/non-existent connection and i could easily write something that could update the client data periodically from within the app.
What i am not sure about is how to store the data - sqlite, core data, plist or iphone file structure - Simply because i dont want someone unzipping the deployed application and getting their hands on the raw data.
Is this actually feasable? or is pretty much everything accessible once its deployed as an app?
You cannot stop somebody from accessing the data stored on the device, independently if you use sqlite, core data, plist or iphone file structure. At least not within reasonable means.
What you can do rather easily is to make the data useless for unauthorized access. In other words: encrypt it.
If what format you store the encrypted data then depends on the app needs.
This is pretty tough to do. The easiest way to do this would be by using the Xcode Organizer panel and then looking at the applications that you have installed. If it is one of your applications (matching your dev credentials) then Xcode will give you the option to download the application's sandboxed folders (docs, temp, etc).
From memory, you cannot do this to another application that doesn't belong to you. So in short you are safe to include data in your app. Honestly though, if someone wants to get to that data, they always will given enough time and resources (thats my opinion about all security).
So I am working on a test app that downloads files locally to the app file storage sandbox. Some of these files may be sensitive and need to be protected. My app has a login mechanism, so you wouldn't be able to access the files if you didn't have a login, so my main concern is the ability to sniff the contents (Perhaps on a jailbroken device??).
Now I was wondering if the best method to protecting these files is to encrypt each one independently? Or perhaps there is a way to encrypt the whole sandbox? Or is it encrypted by default? Has anyone ever done anything like this before?
I apologize for the long string of questions, I am trying to gather as much info about this as possible before making a design decision...
Thanks!
You might want to look into the File Protection mechanisms in iOS 4 and later. That provides a way to mark a file as "protected" so it will be stored encrypted on disk at all times, only accessible when the device is unlocked (with a passcode).
See also this question
You can encrypt the whole sandbox using the OS if you target iPhone 4 with OS 4.x. Even then, iOS has this concept of an 'escrow keychain' which is basically a cache of passwords and can he potentially hacked into. As far as I am aware, Mail is the only app that encrypts everything.
In order to encrypt your application data in this way, you just need to set the appropriate NSFileProtectionKey as documented in NSFileManager. But, as mentioned, this is not entirely secure.
You could try a custom category on the file manager that encrypts files based on your own requirement so that you have encrypted documents. The choice is yours.
I want to create an app which holds sensitive information (imagine it's bank account details, thought it's not). The user enters this information on a form the first time the app starts up. I want this info to be saved, and available, any time the user uses the app (without having to enter a password). However, if the iPhone has a password lock on it, and is stolen, I don't want the data to be easily accessible from the file system.
What is the best way of encrypting or obfuscating the data? There is not a lot of data, just a dozen NSStrings from the UITextFields on the form.
I'm aware there are encryption export restrictions on the iPhone for non-US developers (I am in UK), so I would prefer to avoid going jumping through any of Apple's app submission hoops to get it on the store.
Why not use the built in Keychain Services? That's what it is for.
EDIT: There an article in SDKDevFAQ.com about Keychain Services that points to a tutorial and sample code on github. Also, check out this blog entry about using the Keychain.
I don't know if a jailbroken iPhone device lets you read NSUserDefaults from other applications or not. If not, you could just store your information in there instead of as a file.
Alternatively, you could generate some salt based on (but not equal to) the device ID, and simply XOR it with the bytes of the strings. As long as your algorithm to generate the salt isn't trivial and the strings aren't too long, the data will be fairly safe. Without getting into heavier encryption stuff, you can't guarantee too much more than "fairly safe".