When Apple's Remote app tries to connect to a Mac (running iTunes) on a local network (using WiFi), the user needs to enter a passcode provided by the iPhone as a security measure. This approach has been adopted by a number of other apps (e.g., Rowmote, Pastebot, ...). Is there an API that provides this way of working?
Assuming Bonjour is in play, how does an iPhone checks if the passcode entered on a Mac is correct without resolving the NSNetService the Mac is publishing? Or does the iPhone resolve the NSNetService a Mac is publishing and waits for the passcode to be confirmed before processing any other packets that might be sent via the NSNetService (packets other than the passcode).
I have a solution for my problem, but I would like to know if there's an API I have overlooked that provides a ready-made solution.
Advice and pointers are welcome.
Thanks in advance,
Bart
I don't believe there is an Apple provided API for this. I simply use the Bonjour APIs to open a connection between two devices, then have one randomly create a 4 digit passcode and ask the other device for it. The other device presents a UI to ask the user for the passcode, then transmits it back and waits for an answer. If they match, the devices store each other's identifiers to skip over this process the next time they connect.
Edit: Thanks to tc for pointing out that this implementation isn't totally secure. I'm now having one device create a unique, random password, and send it over to the other device, then store the SHA1 hash of the password for future reference. Then the other device stores the password and sends it back over whenever it connects for authentication. The user does the number code thing once in order to let the devices know that they should trust each other in the future, but now in order for a reverse engineer to connect to a device they would have to know both the identifier of and password for a valid, connected device. (Or they'd have to have access to both devices and do the number code thing; there isn't really a way to stop anyone from doing that, obviously).
Related
I tried searching around, but couldn't come up with much on the topic of this.
Is there an API or code within various Security API's that would allow some sort of passcode locking mechanism to enable whenever a device is connected (by Bluetooth, etc) and disable whenever said device is paired with the phone? An interesting concept I had thought up earlier today but can't seem to determine a method available for this.
The concept is pretty much this: if the phone is close enough to be connected over Bluetooth to the device (would be something like a smartwatch or other wearable computing) then the phone is on you and passcode entry can be disabled. However, when the device is not found by the iPhone, there is a physical distance between the two devices and the phone should lock up and not allow entry. This could even be some form of superficial lock mechanism on some apps (which exists already) that could activate based on this proximity awareness. This method is meant to failsafe by being a "lock first, then check" mentality that is paired to a specific address of the wearable computing. This could, in theory, be hacked, yes, but for general usage allows a user to have a no-maintenance method that can save some passcode entries from time to time should one find it annoying, but still want it's security potential.
Again, this idea is based on the assumption that said device connecting to your iPhone that the phone itself is searching for is physically latched to you somehow.
Thanks and I appreciate any sort of input or direction.
I am building an app where I do not want a loginsystem. I still want to be able to know what user is sending information to my online database. As far as I know, the UDID is not allowed to upload to any servers, so that is out of the question. Can I use the iphones mac address for this? If it is dynamic, it will change from time to time, and I won't be able to track it.
We use the MAC address as a unique identifier now the UDID has been deprecated.
MAC addresses are hardware based and therefore cannot be changed.
I am doing preliminary design of an iPhone app and I'm trying to find the answer to the following question: Does the MFI system allow an external accessory to restrict which particular iPhones are plugged into it?
I presume that I can add something to the external accessory protocol to do authentication/authorization. My question is, do I have to bother--does the MFI system already provide that?
I'm led to believe that if I register with the MFI program, I can get the answer, but I do not intend to ever do so. I will eventually work with a developer that is an MFI registeree. I suppose I could wait until I've established a relationship with such a developer and then ask them to find out, but I was hoping to get an answer to this one specific question prior to that point.
I'm hoping that as I am just looking for user level info, and not implementation details, that the answer is not hidden behind the MFI NDA.
Thanks.
Does the MFI system allow an external accessory to restrict which particular iPhones are plugged into it?
This is handled in the following manner:
The App must initiate a session using a protocol that the Accessory supports.
The App must know how to talk to the Accessory (i.e. how to encode/decode communication data).
There is nothing preventing any random iOS Device with the proper App installed from connecting to an External Accessory so long as the App meets the above requirements.
The External Accessory could implement some additional form of security (like sending a password maybe?) before opening up its full capabilities to the App. Obviously, this would require the Accessory developer and App developer to both know this extra procedure.
I want to send some Text plus a image from one iphone application to other iphone app but restriction is I should not use a web server in between communication,Is there any way to fulfill it ?
Details: There are two independent devices and could be far enough say out of network. My requirement one app adds some text with a image and sends it to another iphone which can be at any long distance , and the app installed in another iphone will read that info and image into itself.
Actually there is a solution that meets your needs — and that fits to bbums answer:
Create a HTTP-Server on the iPhone, using cocoahttpserver. than you will ask some webservice like whatismyip.com for your public ip. with this your iPhone can be connected worldwide.
But very likely ur wifi-network is not forwarding your port to the iPhone. Ash.
And even if: Now it gets difficult. How to publish your ip from one phone to the other? hmmm... — I got it: I will exchange the information in a centralized space! In the web!
... wait — that would be a Webserver.
You see: Without any kind of server in the Web the users would need to exchange ip manually and have full admin power and knowledge about the local network.
So IMHO bbums answer is the only way to go.
PS: I am working with http server running on iPhones. In local network that works great, especially with bonjour. And you can use them over distance network — but only with reconfiguration of your router — something you shouldn't force your user to do
There is far from enough information to provide a specific answer.
two apps on two different devices?
are the two devices on the same network?
are the two devices both on WiFi?
do you need the user to receive a notification or something if the app isn't running?
If on same device, you can define a custom URL handler in the destination app and then openURL: in the source app to pass the data over. Encode your image and text into the URL, but be careful of size limitations.
If on different devices, there are many possible solutions, but answering the above questions will be critical to actually knowing what solution is appropriate.
Given your comment -- two apps, different devices, arbitrary networks -- then you are going to have to have some kind of server in between. Note that the recently added Game Center does have the ability to rendezvous two users, but it has a very particular user experience that may not be appropriate to your needs.
I would suggest that you investigate using push notifications to notify the receiving user of the availability of content. As for moving the content between, no direct connection is possible and you will have to have some kind of store-and-forward server in between. And, yes, a web server is going to be the easiest possible solution simply because HTTP is ubiquitous these days.
If there's no network of any kind available, but both parties have amateur radio licenses, then hooking the two devices up to HF packet radios might work.
THIS is super EASY.
I would code up some software that can turn data into modem signal, like the good old dial up modem. The device would actually make those annoying buzzing sounds.
You get the phone number for your friends nearest landline and call him.
He places his iPhone near the phones receiver in listen mode and you connect to his phone using your audible modem.
Bingo, via the power of sounds you have sent data which is decoded on his device and all for the very cheap price of a phone call, there are pretty cheap these days especially if you use Skype.
Easy Way (relatively speaking)
A way two apps on different networks can communicate without setting up a web server of some sort is as follows.
Use an existing third party storage system like DropBox.
Each app would need the login and password for your DropBox. Then both apps can read and write files that the other app can see.
An existing app that does this is a shopping list app called ShopShop.
The app on my phone and my wife's phone both link to the same DropBox account and the app keeps the shopping list synced up when one of us adds something to the list.
Could someone suggest a tutorial/sample on how an Iphone application can send data to a remote server using Carrier Data Network only? In other words is there a way an application can programmatically force to enable Carrier Data Network communication, use it to send its request to the remote server and switch it back to user specific communication settings.
I am taking this approach because my application needs to send user's personal info to my server and sending it over public WiFi does not sound right. Please let me know if there is better approach to it....
Thanks
Since no one's writing a full answer ...
I don't know if it's possible to detect CDN vs Wi-Fi, although at some level it must be because the App Store is capable of determining such to prevent large CDN downloads. Of course, the App Store app has access to the private APIs; this functionality may not be exposed publicly. (I don't know if that is the case or not, but be sure you do not use private APIs for your app; the store won't accept it.)
That said, think about the use case of your app, and the marketplace. The iPhone OS and the iPhone App Store are more than just the phones themselves -- they're the iPhone and iPod Touch devices. iPod Touches do not have a CDN; they're Wi-Fi only for connectivity.
As Marc W said in a comment, not all Wi-Fi is public, not all public Wi-Fi is free, and you will likely upset a significant portion of your audience -- people (presumably and hopefully) giving you money.
A better solution would be to use SSL to provide encryption of the private data during transport. This is widely available, works over CDN or Wi-Fi, and provides all the security you should need.
If you look at the Apple Reachability example code, you can test for how you would access a host - however I agree with the other posters that you should consider encrypting your data and let your user's determine how they want to connect to the Internet, and not force one form of connection.
-t