iOS Secure File Storage Issue - ios

I have an iOS app which keeps sync with a database of PDF documents via a RESTful web service. Basically, the app downloads a few PDFs which I am storing to the file system in my app.
I am using the Library/Caches directory.
NSSearchPathForDirectoriesInDomains(NSCachesDirectory, NSUserDomainMask, YES)
My requirement is to store the files such that the user cannot gain access to them in any way. When I write the file, I am also providing the option: NSDataWritingFileProtectionComplete
[decodedFile writeToFile:newFilePath options:NSDataWritingFileProtectionComplete error:nil];
However, I am still able to access the files through Devices -> Select My App -> Download Container...
I need to configure the app such that the downloaded content cannot be accessed by anything but the app itself. There must be a way to do this, but I have been unable to find anything...?

This is not a solvable problem. If this were a solvable problem, then it would be trivial for Apple to prevent Jailbreaking. They would just write a system validation key in whatever place the user cannot possibly access. The fact that Jailbreaking is possible despite Apple controlling every part of the ecosystem should put in perspective your chances of protecting data that you've written to a user's device from that user.
This has been discussed several times, including thoughts on what you actually can do and what's worth doing (nothing is going to be 100%; nothing is even going to be 90%). You can look over the previous incarnations of this question for more. Secure https encryption for iPhone app to webpage is a good place to start, since it includes links to several of the others.
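What the question's write call can and cannot guarantee, as an added example that is not part of the original question or answer. The helper name `WriteProtectedFile` is hypothetical. It checks the write error instead of passing `nil` and reads the protection class back from the file system.

```objc
#import <Foundation/Foundation.h>

// Hypothetical helper (not from the original post): writes `data` into
// Library/Caches with complete file protection and confirms it was applied.
static BOOL WriteProtectedFile(NSData *data, NSString *fileName, NSError **outError) {
    NSString *caches = NSSearchPathForDirectoriesInDomains(
        NSCachesDirectory, NSUserDomainMask, YES).firstObject;
    NSString *path = [caches stringByAppendingPathComponent:fileName];

    // Pass a real NSError pointer so a failed write is not silently ignored.
    if (![data writeToFile:path
                   options:NSDataWritingAtomic | NSDataWritingFileProtectionComplete
                     error:outError]) {
        return NO;
    }

    // Read the attribute back. NSFileProtectionComplete makes the file
    // unreadable only while the device is locked; while it is unlocked the
    // file is ordinary readable data, which is why the container download
    // described in the question still returns it.
    NSFileManager *fm = [NSFileManager defaultManager];
    NSDictionary *attrs = [fm attributesOfItemAtPath:path error:outError];
    if (!attrs) {
        return NO;
    }
    if (![attrs[NSFileProtectionKey] isEqualToString:NSFileProtectionComplete]) {
        // The requested class is not in effect: do not leave the file behind.
        [fm removeItemAtPath:path error:NULL];
        if (outError) {
            *outError = [NSError errorWithDomain:NSCocoaErrorDomain
                                            code:NSFileWriteUnknownError
                                        userInfo:@{NSFilePathErrorKey: path}];
        }
        return NO;
    }
    return YES;
}
```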

Related

Difference in security of a jailbroken iphone

Just to be more specific, I would like to know more about the system files that can be accessed with regards to a jailbroken phone.
From what I understand, each iOS application has its own sandbox. A phone has root access once it is jailbroken, allowing creation of 3rd party system applications which result in accessing the system files. However, if I am not wrong, the sandbox is still there just that it has lesser restrictions hence allowing accessing of system files? (not sure about this part too).
So for a jailbroken phone, what kind of critical system files are we able to access from our created application that will go through the sandbox and which are not accessible from an unjailbroken phone? Is contact list a part of the critical system files, although I believe we are still able to get contact list without a jailbroken phone using the Address Book frameworks.
I may be wrong, but my term of Critical system files refers to system information that normal users would not like others to get hold of so I was thinking if contact list is part of it even though it does not require a jailbroken phone.
Without taking Tweaks into consideration, an app is able to read/write/execute in the root directory /. Tweaks are able to do whatever they want (just like the app would - even an Apple pre-installed app), depending on where they are hooking. For example, a tweak I was working on for MobileSMS (the SMS app) can give me the passcode of your iCloud account stored in the keychain by default.
Long story short, jailbreaks equal zero security for an average user. On the other hand, there is only one exploit (at least to my knowledge) currently, that attacked iOS and came from Georgia Tech a few months ago, hidden in an app on the App Store.

iOS App Memory Limit

I wrote an iPhone app that as a first function allows the user to download files. The user then manipulates these files in a particular way that wants them to be in memory.
It's not necessary that all of the files the user gets are in memory, just a few at a time that are well within memory constraints. However, the option to download the rest later is not available because of location assumptions (mainly that there is no assumption the user will be within wifi or data reception).
Is there a way around this? One example would be to have some sort of permanent write that I could access. Is that how the file storage apps solve this?
Thanks.
Could you use a server to do the manipulation instead of the app? iPhone app sends the link to the server, server does the manipulation, and then the iPhone downloads the manipulated link.

Apps that read or write data outside its designated container area will be rejected

I am developing an app that sends data from the app to an SQL server. I have read in the App Store guidelines (point 2.6) that "Apps that read or write data outside its designated container area will be rejected". Does that mean I will not be able to do this?
I'm pretty sure they're just referring to the designated "sandbox" each app is assigned to. Each app has its own documents directory to save local files, and I believe they're just warning you not to attempt to write outside of this (if you were even able to on non-jailbroken devs). They also don't want you attempting to access other apps that you don't have permission to access.
I've had several apps go to the store that write to and read from Google App Engine servers and they've been accepted with no problem. So I think you'll be good to go saving data to your own server.

Opening and storing encrypted documents offline in iOS

I have encrypted files downloaded and available for offline view in a folder, I would like to know:
how to open them in the appropriate reader as these are ms office docs and prezi format
I suppose they will have to be unencrypted so that reader can read them but in this case how to ensure security?
which folder to use to avoid iCloud sync, I already read this Disable iCloud sync
Does iOS protect documents of the application by encryption based on app key as I read it or am I wrong?
Speaking extemporaneously, as thoughts occur, Sven is right about UIDocumentInteractionController and that objects are identified by URL.
However, it's possible you don't need to unencrypt your files on disk for this to work. You can probably write your own little URL protocol (subclass NSURLProtocol and implement methods appropriately; you should end up checking that URLs are within the invented scheme you've created — e.g. myApplicationEncrypted:// — then posting data packets to a NSURLProtocolClient) and register it with the device via NSURLProtocol +registerClass.
You'll obviously need to decrypt between disk and protocol client. So you'll be passing unencrypted data on — you'll need to make a trust judgment on UIDocumentInteractionController.
The document interaction controller is documented to work within your app, so there shouldn't be sandbox concerns.
You can send your documents to other apps using a UIDocumentInteractionController object. You initialize it with a file URL pointing to your document and then use one of its methods to present it.
This takes care of displaying a preview (if possible) and letting the user select the application the document should be opened in.
The document has to be decrypted for this to work. You then cannot make any guarantees about the security of your file - once it is handed over to another application it is out of your control.
If your app doesn’t explicitly opt-in to use iCloud sync your data will not be synced with iCloud. What will be sent to iCloud are backups of the whole device though (if enabled). There are ways to disable this for single files as you already read in the question you linked.
The iOS file protection is based on a device key, not on a per app key. This also is not necessary because apps are protected from each other by the sandbox, unless your phone is jailbroken. On a jailbroken phone there are no security guarantees.
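The NSURLProtocol approach suggested in the first answer above, as an added example that is not part of either original answer. The class name, the `installWithRoot:decryptor:` method and the app-supplied decryption block are hypothetical; only the `myApplicationEncrypted` scheme comes from the answer. The page does not establish that UIDocumentInteractionController will load such a URL.

```objc
#import <Foundation/Foundation.h>

// All names are hypothetical; only the URL scheme comes from the answer above.
typedef NSData *(^DocDecryptor)(NSData *ciphertext);
static DocDecryptor gDecryptor;  // app-supplied decryption routine (assumption)
static NSString *gRoot;          // directory that holds the encrypted files

@interface EncryptedDocProtocol : NSURLProtocol
+ (void)installWithRoot:(NSString *)root decryptor:(DocDecryptor)decryptor;
@end

@implementation EncryptedDocProtocol
+ (void)installWithRoot:(NSString *)root decryptor:(DocDecryptor)decryptor {
    gRoot = root.stringByStandardizingPath;
    gDecryptor = [decryptor copy];
    [NSURLProtocol registerClass:self];
}

+ (BOOL)canInitWithRequest:(NSURLRequest *)request {
    // A nil scheme makes this message return NO, so malformed URLs are refused.
    return [request.URL.scheme.lowercaseString isEqualToString:@"myapplicationencrypted"];
}

+ (NSURLRequest *)canonicalRequestForRequest:(NSURLRequest *)request { return request; }

- (void)startLoading {
    NSURL *url = self.request.URL;
    // Resolve ".." segments, then refuse anything outside the encrypted store.
    NSString *path = [gRoot stringByAppendingPathComponent:url.path ?: @""].stringByStandardizingPath;
    NSData *plain = nil;
    if ([path hasPrefix:[gRoot stringByAppendingString:@"/"]]) {
        NSData *blob = [NSData dataWithContentsOfFile:path];
        if (blob && gDecryptor) plain = gDecryptor(blob);
    }
    if (!plain) {
        [self.client URLProtocol:self didFailWithError:
            [NSError errorWithDomain:NSURLErrorDomain code:NSURLErrorResourceUnavailable userInfo:nil]];
        return;
    }
    NSURLResponse *response = [[NSURLResponse alloc] initWithURL:url
        MIMEType:@"application/octet-stream" expectedContentLength:(NSInteger)plain.length textEncodingName:nil];
    // Decrypted bytes exist only in memory; keep them out of the URL cache.
    [self.client URLProtocol:self didReceiveResponse:response cacheStoragePolicy:NSURLCacheStorageNotAllowed];
    [self.client URLProtocol:self didLoadData:plain];
    [self.client URLProtocolDidFinishLoading:self];
}

- (void)stopLoading {}
@end
```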

Reading Files belonging to other Apps iOS

I am currently coding a backup app for iOS, and I want to have options to let the user back up things like Application Data (other app's documents, etc,) Contacts, Safari Bookmarks, and all that fun stuff.
I'd like to know if that's possible, how I'd do it, and where those files are stored, and most importantly, if this is actually allowed by Apple. I read through their docs, and I haven't seen anything that speaks against it.
It's not possible. Your app isn't even capable of reading the documents from other apps. This is accomplished via sandboxing. Every read/write your application tries to do to the filesystem is checked by the kernel to ensure you're staying within your sandbox. The documents belonging to other apps are outside of your sandbox, so you cannot see them.
They aren't allowed. All iOS apps are sandboxed, and can't access other apps' data.
Your app, naturally, is in a sandbox, which does not allow you to read outside of the app. If you jailbreak your device, then yes, it is possible.
