I have an application that is implementing storage using Key/Value pairs in iCloud. From what I read in the documentation this is almost identical to the way NSUserDefaults work.
However this potentially creates a problem because the user should not have the ability to tamper with the app data stored in there. Does this mean that the user can access this data and modify it? Or is it private to the application?
Okay reading deeply in the documentation it says
If your app needs to store passwords, do not use iCloud storage APIs
for that. The correct API for storing and managing passwords is
Keychain Services, as described in Keychain Services Reference.
I found this text here just one line before the last table :)
I also found somewhere that the user can delete his iCloud data manually which can be counted as a modification.
Also, read here, section fro "Start Fresh If Your iCloud Data Becomes Inconsistent During Development" where it says how you can clean the container. Maybe you can check what is visible inside.
It depends what type of data you are storing in the iCloud if it's sensitive then I would use keychain services approach and avoid storing sensitive information on the iCloud.
From the question it seems like you are storing the data in key-value pairs, usually, it's recommended to store preferences, settings, and simple app state and that should be ok because the user can change those, you should choose the right iCloud API for what you want to store
With iCloud the user can always delete the information it has stored as mentioned in the documentation
There may be times when a user wants to delete content from iCloud.
Provide UI to help your users understand that deleting a document from
iCloud removes it from the user’s iCloud account and from all of their
iCloud-enabled devices. Provide users with the opportunity to confirm
or cancel deletion
When you ask
Or is it private to the application?
There's an iCloud identifier in your entitlements file. If it's the same in both apps you'll be able to access the same data/documents across both the apps.
Hope that helps.
Related
I need some clarification and Microsoft documentation is only confusing me more.
I want to save a txt file in iCloud so the user doesn't loose some data that belongs to them.
This db document is some information I am retrieving from a local database and storing in a text file. I have seen two ways of doing this.. however all the posts on this topic are very outdated and I don't know which way might be best or if they are even doing what I trying to do.
All I would like is to be able to have the user backup this particular file to their iCloud account, so they can still keep this info even if they change phones or delete the app and want to restore from iCloud.
Microsoft's documentation points me to this page https://learn.microsoft.com/en-us/xamarin/ios/data-cloud/introduction-to-icloud
I began setting up the provisioning profiles and setting the iCloud options on the entitlements page etc. However the documentation when sideways for me when they began creating a monkey page UI Document and having the user manager the ubiquity documents (which I don't want) I actually don't want the user even seeing this Txt file. However this option shows how to check if the iCloud is even turned on on this user's phone.
Now this other option I think is more straight forward and I read the documentation on it here https://learn.microsoft.com/en-us/xamarin/ios/app-fundamentals/file-system using something like this to store and retrieve a document:
var libraryPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.Personal), "..", "Library");
However what if iCloud is turned off? Is this an automatic backup option?
Any type of explanation is helpful.
The iCloud storage API in iOS 5 allows applications to save user documents and application-specific data to a central location and access those items from all the user's devices.
About the definition of iCloud, you will know that it will save your data to cloud server. And it can be used in all the user's device if turn on the iCloud.
However what if iCloud is turned off?Is this an automatic backup option?
Therefore, if iCloud is turned off, you could backup the data in device although it will not be used for other user's devices. You could save it in Application directories. This should be a good chooice to backup your data. And you also can get the data when you need them.
In addition, you also can use other cloud server APIs to backup your data. Such as Azure Storage, Firebase Storage etc.
The question might seem weird (and stupid) at first, but keep reading...
I used iCloud Key-Value Storage in one of my apps and now I need to Transfer this app to another Developer Account. But it's, for some reason, impossible to transfer apps if they've used iCloud Entitlements (why no warning?!?!).
So...In other words, I need to remove my original app and create a new one in my new Developer Account. But before that happen, I want my existing users to be able to sync their data to a common iCloud Key-Value Storage, but directed at the new app "container".
If, the "new" app is Live, would it be possible to point at that app Cloud Container (from my old one)? (e.g. my old app saves iCloud data to the new container).
When reading my own question I just think "this sounds like a big security breach if possible", so my guess is, no. But there's nothing in the Apple Documentation that says that this is not possible.
I'm not interested in solutions that involves users saving data on an external db (I know this is possible, but not what I'm looking for right now). Is there some way to save the data locally on disk (without being removed when app is removed) and then read it from the other app?
From Apple's NSUbiquitousKeyValueStore documentation:
If you write to the key-value store object when the user is not signed into an iCloud account, the data is stored locally until the next synchronization opportunity. When the user signs into an iCloud account, the system automatically reconciles your local, on-disk keys and values with those on the iCloud server.
Therefore if a user never signs into an iCloud account, the key-value store object is stored locally indefinitely, much like NSUserDefaults.
In this case, should we all stop using NSUserDefaults and just use NSUbiquitousKeyValueStore as a 'default' for all apps? What are the disadvantages of this approach?
An advantage I can see is that from a user perspective the app preferences will be synced across all their devices, which is most likely a better user experience!
We should clearly understand that NSUbiquitousKeyValueStore in the iCloud is for the configuration and tracking of the app state across all devices of the certain account.
Some facts bout NSUbiquitousKeyValueStore.
In the documentation we can find that :
Avoid using this class for data that is essential to your app’s
behavior when offline; instead, store such data directly into the
local user defaults database.
Also size of the data that is possible to save is relatively small.
The total amount of space available in your app’s key-value store, for
a given user, is 1 MB. There is a per-key value size limit of 1 MB,
and a maximum of 1024 keys.
I have found if the user goes into their iCloud settings and turns your app switch off - you will no longer be able to save to NSUbiquitousKeyValueStore.
Your app will start with it enabled. Then you may save data there. Once iCloud is turned off, it will always be accessible to read - but if you update the data and restart the app, i believe you will see it revert back to what it was before the user turned off iCloud support in iCloud settings.
This is a problem I am working with at the moment. I am trying to find a way to test if that switch is on/off and change my data store to NSUserDefaults.
Correct me if I am wrong but that is what I have discovered so far.
-mark
edit: this is only if you have registered for iCloud Documents. If you are ONLY using NSUbiquitousKeyValueStore it should be virtually the same - I believe.
edit-edit: now its acting different. The switch is there when ONLY NSUbiquitousKeyValueStore is checked in the iCloud capabilities. So looking - again - for a way to detect if that switch is flipped for an app in iCloud Settings.
I don't have any important data in my app. But when i read this tutorial i have a few questions ?
Only documents and other data that is user-generated, or that cannot
otherwise be recreated by your application, should be stored in the
/Documents directory and will be automatically
backed up by iCloud.
Do i need to save UserDefaults to iCloud ? And will my app approve if i don't use iCloud ?
And if i need can you show me how to save user default settings ? Because i found only tutorials how to save data from database.
You misunderstand what that is saying.
When a user backup's up their devices using iTunes or iCloud, only certain parts of the app's sandbox is backed up. So there are two important aspects here:
Only backup data that can't be replaced.
Be sure to backup irreplaceable data.
NSUserDefaults is one of the things that will be backed up for you. You don't need to do anything special.
You don't need iCloud support unless your app has a specific need to use it.
I an building my first iOS application and I need to store the user registration details of the user using the application. The details include his mobile number and a unique id( uuid ) which I use to contact with the backend. It would be great if I could get a suggestion on where to store this user details.
Should I be storing this in the NSUserDefaults or should I be using Keychains to store this data or even may be a using a user model in the database ( I would need a database in any case to store a few other details ). Just to add on, I also would like to perform a few validations like if the mobile number is of proper format and so on before I could actually save it. Also can any one please suggest on the security aspects of different storage mechanisms possible here?
Any help on this would be much appreciated.
The most secure way would be to use keychain services as the data is encrypted but in your scenario it seems a bit over kill. I would recommend either just using NSUserDefaults or an sqlite database I wouldn't really recommend storing in a plist as this can be accessed really easily.
But this all depends on the data you are getting, if it was just uuid and mobile number then NSUserDefaults would do probably, whereas if you were getting usernames and passwords and other personal data I would looking a mix of keychain and sqlite database.
Also you could use coredata file to store user data but seems a bit over kill as well for for such little data.
Just a little note you are actually not allowed to get the iPhones mobile phone number programmatically, getting this would use Private APIs that Apple would reject your app for using.
2.5 Apps that use non-public APIs will be rejected
So you would have to ask he user for this.
Database selection is totally depend on the architecture and security, if you just need to store the few information like login details and some field then Keychain for login details and plist for data is best option, but if your application also working with services and fetching and saving lots of data and continuously updating it then a serious database structure required. In that scenario core data and sqlite both are good option depends on your preference
Following ways you can save details.
In NSUserDefaults
In coredata file.
In sqlite database
Plist file.(Not recommended)
You can save data at server site using webservice.
Any one of these you can use according to your requirement and data.
Cheers :)
If you store information on the UserDefaults, a jailbroken device can see the information you have stored, it is a plist after all. If you are going to keep sensitive data on your device, user defaults itself is not a good option. Possible alternatives:
Use keychain: Keychain is a tool to keep usernames & passwords securely on a device; so you may need to find a way to convert all the info you have mentioned ( a dict, I presume? ) into NSData and put into/get from the keychain but it's been explained on other threads. Additionally, keep in mind that when the app is deleted, keychain data will persist on the device.
UserDefaults & encrpytion: If you can encrypt the data yourself, than using UserDefaults might be a better option. Its more straightforward than keychain and it will be deleted if you delete the app from the device (which may be the thing you want, or not. It depends)