The question might seem weird (and stupid) at first, but keep reading...
I used iCloud Key-Value Storage in one of my apps and now I need to Transfer this app to another Developer Account. But it's, for some reason, impossible to transfer apps if they've used iCloud Entitlements (why no warning?!?!).
So...In other words, I need to remove my original app and create a new one in my new Developer Account. But before that happen, I want my existing users to be able to sync their data to a common iCloud Key-Value Storage, but directed at the new app "container".
If, the "new" app is Live, would it be possible to point at that app Cloud Container (from my old one)? (e.g. my old app saves iCloud data to the new container).
When reading my own question I just think "this sounds like a big security breach if possible", so my guess is, no. But there's nothing in the Apple Documentation that says that this is not possible.
I'm not interested in solutions that involves users saving data on an external db (I know this is possible, but not what I'm looking for right now). Is there some way to save the data locally on disk (without being removed when app is removed) and then read it from the other app?
Related
I have an application that is implementing storage using Key/Value pairs in iCloud. From what I read in the documentation this is almost identical to the way NSUserDefaults work.
However this potentially creates a problem because the user should not have the ability to tamper with the app data stored in there. Does this mean that the user can access this data and modify it? Or is it private to the application?
Okay reading deeply in the documentation it says
If your app needs to store passwords, do not use iCloud storage APIs
for that. The correct API for storing and managing passwords is
Keychain Services, as described in Keychain Services Reference.
I found this text here just one line before the last table :)
I also found somewhere that the user can delete his iCloud data manually which can be counted as a modification.
Also, read here, section fro "Start Fresh If Your iCloud Data Becomes Inconsistent During Development" where it says how you can clean the container. Maybe you can check what is visible inside.
It depends what type of data you are storing in the iCloud if it's sensitive then I would use keychain services approach and avoid storing sensitive information on the iCloud.
From the question it seems like you are storing the data in key-value pairs, usually, it's recommended to store preferences, settings, and simple app state and that should be ok because the user can change those, you should choose the right iCloud API for what you want to store
With iCloud the user can always delete the information it has stored as mentioned in the documentation
There may be times when a user wants to delete content from iCloud.
Provide UI to help your users understand that deleting a document from
iCloud removes it from the user’s iCloud account and from all of their
iCloud-enabled devices. Provide users with the opportunity to confirm
or cancel deletion
When you ask
Or is it private to the application?
There's an iCloud identifier in your entitlements file. If it's the same in both apps you'll be able to access the same data/documents across both the apps.
Hope that helps.
I am trying to build a mobile monitoring tool/app for iOS without Jailbreak. The only possible way to perfectly access all installed app's content is through iCloudKit.
Also I found Apple's MDM come a little close to this for BYOD devices but yet accessing individual application's data is not possible.
During all this process, I came across some website fonemonitor and phonemonitor (with and without) who claim to do the same without Jail Break.
So here is my question is it possible to take any application's data if we get access to the users iCloud account? Also, are all public, private and shared data accessible via iCloudKit? As the documentation clearly states private data is untouched.
How does app monitoring work for any iOS Devices through these websites. Any lead would actually help!
There seem to be a few different ways for an app to store data in iCloud (iCloud Drive Documents, Core Data with iCloud Sync, CloudKit Private Databases, Key Value Pairs etc) but I'm not sure if that's all. Which of these different types of iCloud storage appear to the user in the iCloud 'Manage Storage' menu (i.e. some apps don't appear at all whereas others list 'Documents and Data' whereas others list files that can be individually removed but don't appear in iCloud Drive)? I'm trying to figure out but the documentation's a bit vague on this.
Aaron,
There are three "Apple owned" places you can store data for an iOS device, on the device itself, in an iCloud Drive and/or in the iCloudKit database.
The iCloudKit database has within it three more places. Two of those are databases in the true sense of the word, so structured areas you can store information within, namely key/value pairs and CloudKit. A CloudKit database itself breaks down into two more principle divisions, public and private areas.
Their accessibility is governed on a user/app basis. So you as a developer can opt to use or indeed make your files accessible on them or not. The rules governing who can access what can be confusing, especially as they can/have been changing over different iOS releases.
The iCloud Drive is the most and least flexible, you can store everything on it but you cannot share anything within it, except with yourself.
The iCloud key/pair database comes next, except it is used exclusively by an application to store application state/preferences only [it has a very limited space], again you can share it with yourself only.
The CloudKit database comes next, again something that would be used on an application by application basis. So apps do not share databases and cannot access other app databases, unless they come from the same author and sharing is a built in functionality that has been explicitly intended.
That said, the CloudKit database has two distinct areas a private and a public one. The private area can be accessed by a single user of an app, the public area can be accessed by anybody using said app on any iOS device.
CloudKit documents are an area where Apple store documents from its apps principally, so keynotes, pages and numbers; although they have opened it up somewhat in recent years. They can be shared with other users too using on of the apps designed specifically to store data within the iCloudKit documents area. It is the closest you'll get to a dropbox under iOS, short of using dropbox fof course.
Finally you can store data on your iOS device itself and opt in to share that with others on the same device too thru Apple's files app, although that that is a very recent status quo, so only available for apps designed to run under iOS 11 explicitly opted into the new status quo.
All that said, Apple counts all the places as one in the same when it comes to storage limits, be warned if you want design/build an app using cloudKit storage; if Apple deem you did so recklessly, you won't get a foot in on the app store.
As final comment Apple security policies are designed as a general rule to ensure you as a user have quite fine grained control over who accesses their data, it was/is an intentional decision on their part to protect you from yourself. As a general rule, it works well; which is why you see almost no viruses under iOS.
Scenario:
I "control" two different apps, App A and App B, both which the user has installed
App A is running
App A needs to obtain a string that was set by App B when App B last ran.
After obtaining the string, App A will still be running
User should not receive any feedback this communication is happening. E.g. no "switching animations" between A or B, no pop-ups, etc.
Constraints:
Apps are released under different vendors
Apps are already in the app store; updated versions will have this communication ability.
It is acceptable for the data stored in App B to be accessible to other apps on the device.
It is not acceptable for the data stored in App B to be visible to general third parties (e.g. if an external server is used, there needs to be some sort of secured scheme)
The data read should be able to occur immediately upon App A being opened after install. For instance, I cannot require the user of App A to enter log in credentials for an external communication service.
Must work on non-jailbroken devices.
This is seeming rather difficult to pull off in iOS7. Help is appreciated.
Tricky work around. Not recommended, but it will get the job done if you can't afford servers.
On the first app create a contact in the user's contacts book. Give it a generic name like "000 - NameOfAppB Data - Don't Delete" (I start with "000" so it goes to the bottom of the users contact book so they never see it, I also add "don't delete" so if the user does somehow find it they don't delete it hahaha) (who looks at contact books anyways). In the contact info under notes add your NSData in string format.
Then when app A is opened search for that contact, read the data, then delete the contact.
Apple does allow you to create and delete users contacts without their permission. (At least in 2011 they did, this may have changed).
This might serve your purpose
https://developer.apple.com/library/ios/documentation/Security/Reference/keychainservices/Reference/reference.html
I am not sure of its limitations though, i have seen implementations where credentials have been shared between apps.
I am developing a iOS/OS X application with a very "nice to have" feature: possibility to sync with non-iCloud clouds.(through web server in example).
The app design already is completely based on iCloud so I was thinking there might be a workaround I could use instead of writing code for one more data marshaling.
Basically what I need is to make some iCloud stored data available to the public OR get user's e-mail/password used for iCloud on iOS/OS X.
The reason why I need it - I'll have to sync data with another cloud and I want to keeps the app lightweight and so move everything to the server (I think I might need OS X server).
Anyways, any suggestion are appreciated a lot!
I can understand wanting to do that, but just because you want to do it doesn't mean that you can.
Basically what I need is to make some iCloud stored data available to the public
I don't believe that there's a way to do that. iCloud isn't a generalized internet hosting service; it's a service designed to make it easy for an individual user to share his/her private information among several devices. Creating the possibility of making information public would only undermine the trust that people put in the service.
OR get user's e-mail/password used for iCloud on iOS/OS X.
That'd put your users in direct violation of the iCloud TOS, which state in part:
You further acknowledge and agree that the Service is designed and
intended for personal use on an individual basis and you should not
share your Account and/or password details with another individual.
If you want users to be able to sync their data with other hosting services and you don't want to build that functionality into your mobile app, you might consider building a MacOS X app that the user could run to sync the data.