Blackberry OS, how open are they? - blackberry

I am looking forward to developing an app.
This app was fully 'capable / supported' by the OS on Android, but
not necessarily on iOS.
It basically taps into the OS's native phone and message apps to carry out some functions.
(It has to be in the background, as long as the app is open.)
This, however, is not possible, as you all know, on iOS.
I am trying to forecast the feasibility of this app (same functionality) on Blackberry OS.
I have googled with keywords like "how open is blackberry os" and "can I build - on blackberry os".
As expected, there were not many search results.
Please take 1~2 minutes of your time and let me understand where on the graph
Blackberry OS stands. Thanks.
Close/Sandboxed-------------------------Open/do_whatever_you_want
---------iOS---------------------------------Android-----------------------------

I would categorize both BBOS (older Java based phones) and BB10 (new C++ based phones) as closed.
But, in a lot of cases with BBOS especially, there are provided API functions for close interaction with the native apps, including email and phone applications. So if the requirements you specify are all you require, then I suspect you can do it in BBOS.
BB10 is a work in progress. AFAIK, the listeners for these applications are not there yet. For example, there is no notification on a phone call. Moreover, until 10.2 OS, which is just out, there was no way to have a background, always running app (and even now, to get one of these, you need to ask BB to give you the required permissions). But these APIs are, as I understand it, coming. And if there is a need, I think BB will provide it (why I think all the APIs are there in BBOS).
So as a previous comment has said, the correct answer is 'it depends'. On BBOS, you need to check the doc to find out if you can do what you want. On BB10, I'm betting it is probably not there yet, but could well be in the near future.
The only other thing I would say is, if it is not provided, then you will not be able to hack it in any way.

Related

iOS - Security concerns installing a self-signed 3rd party app via Cydia Impactor

Pretty much what the title says.
I would like to install a 3rd party app on my iOS 11 device, but the only way to do so is by self-signing the .ipa and installing it via Cydia Impactor.
What are the possible security concerns in doing so?
How much control and access would said app have over my device once trusted?
There's no way of saying for certain.
Private APIs
iOS 11 fixed a number of vulnerabilities that allowed access to personal info such as SMS messages without the user knowing. There might be other vulnerabilities but it looks like iOS 11 is pretty good in regards to private API access. Pretty much every known personal info leak was fixed.
The problem here is you can't do anything about it. The only way is to disassemble the application and see for yourself.
Permissions
Of course, there are many ways a third-party app can steal your personal info if you give it access. For example, contacts, calendar, call history (without the phone number, but still), microphone, photo library: once permission is given, they can be accessed at any point, even when the app is running in the background, without you knowing it. An application can run in the background indefinitely; that's still not fixed by Apple.
Accessing location will always display an icon in the status bar so that's fine. But there are ways to fool iOS into accessing location once without displaying the icon. It's not reliable but it works.
If an application is running in the foreground then it can access camera, microphone, location and iOS will not tell you anything about it. Recently there was an article about the camera specifically. You can't tell when it's recording and that's a real problem.
The solution here is simple - don't give the permission.
Jailbreak
Jailbreaking relies on a number of vulnerabilities to modify the kernel to disable security measures. No one is stopping you from using these exploits to be executed from a third-party app not meant for jailbreaking. In fact, all recent jailbreaks are done by installing an application using Cydia Impactor. And there's an actual example of that - Filza. It's a file manager that can access the root file system. It does that by executing exploits used in jailbreaks.
The solution here is to make sure your iOS is up to date and has no jailbreak for it. Of course there's a possibility of unknown exploits. Serious vulnerabilities are found regularly in iOS. You can disassemble the application to see what it's actually doing, but I don't think you would be asking this question if you knew how to do that.

Block app install from AppStore and app delete using Swift

I am aware that we can block Safari content using Swift code. I am interested in finding out if we can restrict install of certain apps from AppStore using a similar approach?
Also, is it possible to restrict a user from deleting the app from the device (not from phone settings but from code)? Even if Apple does not allow publishing such an app, I am looking for a solution as a part of research.
There are two things you mentioned.
First, can restrict install of certain apps from AppStore
Using Swift code, I feel there is no public API provided by Apple for developers so far, but there is a similar way called the Device Enrollment Program.
The Device Enrollment Program (DEP) is part of the Apple Deployment
Programs (ADP), which help businesses and educational institutions
easily deploy and configure iOS and OS X devices. DEP provides a fast,
streamlined way to deploy institutionally owned iPad and iPhone
devices and Mac computers that are purchased directly from Apple or
participating Apple Authorized Resellers or carriers.
For more, visit this developer guide.
Second: restrict a user from deleting the app from device
Same response for that: so far there is no developer API. But let's say we see this as a part of research and develop some POC; still, it does not make sense to me at all (it's my device, and I install the app to make my life easier and better; if I don't want to use it anymore, I need an option to delete it), and I don't think this will be possible in the future either, because the USP of an iOS device is user experience and we can't make it like that.
I also want to hear something from others and, if possible, please give the use case for why you are looking for a solution like that.
I hope this will help.

How do I accurately detect the presence and/or absence of a jailbreak in iOS?

After I attended a programming class, one of my friends showed me an app that would not allow him to get past the first screen due to his jailbroken iPhone.
Since then I have been intrigued as to how the app was able to detect the jailbreak without being blocked by Apple and, being the anti-jailbreak advocate that I am, I kept fruitlessly trying to find a reliable way to detect a jailbroken iOS device to prevent people from cheating if I ever decided to release a game on the App Store.
Does anyone know of a reliable method(s) to detect a device's jailbreak status that cannot be easily bypassed by said jailbroken device?
EDIT: based on recent comments, I would just like to clarify that the intention of this post is to share the knowledge I gained from finding that article, and to provide a place where other users can contribute their methods of jailbreak detection.
The other day I stumbled across an article containing the exact answer I was looking for.
From https://www.theiphonewiki.com/wiki/Bypassing_Jailbreak_Detection
While there are countless ways apps can implement checks for jailbroken devices, they typically boil down to the following:
Existence of directories - Check your file system for paths like /Applications/Cydia.app/ and /private/var/stash, amongst a handful of others. Most often, these are checked using the -(BOOL)fileExistsAtPath:(NSString*)path method in NSFileManager, but more sneaky apps like to use lower-level C functions like fopen(), stat(), or access().
Directory permissions - Check the Unix file permissions of specific files and directories using NSFileManager methods as well as C functions like statfs(). Far more directories have write access on a jailbroken device than on one still in jail.
Process forking - sandboxd does not deny App Store applications the ability to use fork(), popen(), or any other C functions to create child processes on non-jailbroken devices. sandboxd explicitly denies process forking on devices in jail. If you check the returned pid on fork(), your app can tell if it has successfully forked or not, at which point it can determine a device's jailbreak status.
SSH loopback connections* - Due to the large portion of jailbroken devices that have OpenSSH installed, some apps will attempt to connect to 127.0.0.1 on port 22. If the connection succeeds, it means OpenSSH is installed and running on the device, therefore it is jailbroken.
system() - Calling the system() function with a NULL argument on a device in jail will return 0; doing the same on a jailbroken device will return 1. This is since the function will check whether /bin/sh exists, and this is only the case on jailbroken devices.[1]
dyld functions - By far the hardest to get around. Calling functions like _dyld_image_count() and _dyld_get_image_name() to see which dylibs are currently loaded. Very difficult to patch, as patches are themselves part of dylibs.
*Only a very small number of applications implement this (as it is not nearly as effective as the others)
The above passage was edited for brevity.
I figured I'd post this here as a knowledge-share for those app developers wondering how that one app was able to successfully implement jailbreak detection when all other attempts at detecting jailbreak get rejected by Apple.
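An added example, not part of either post or of the quoted wiki passage: three of the checks listed above (path existence via stat(), system(NULL), and fork()) written as portable POSIX C for an app's own integrity checks. The function names and the bitmask are assumptions of this example, and each bit is a signal to weigh rather than proof, since any single libc call can be hooked on a modified device.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical flag names, one bit per check. */
enum { JB_PATH = 1, JB_SHELL = 2, JB_FORK = 4 };

/* The two paths named in the quoted passage; real lists are longer. */
static const char *const jb_paths[] = {
    "/Applications/Cydia.app", "/private/var/stash", NULL };

/* Existence check through stat() rather than NSFileManager. */
int any_path_exists(const char *const *paths) {
    struct stat st;
    for (; *paths; paths++)
        if (stat(*paths, &st) == 0) return 1;
    return 0;
}

/* Per the passage, forking is denied in jail, so success is a signal. */
int fork_allowed(void) {
    pid_t pid = fork();
    if (pid < 0) return 0;
    if (pid == 0) _exit(0);      /* child: leave immediately */
    waitpid(pid, NULL, 0);       /* parent: reap the child */
    return 1;
}

/* Combine the checks into a bitmask so the caller can weigh them. */
unsigned jailbreak_signals(const char *const *paths) {
    unsigned s = any_path_exists(paths) ? JB_PATH : 0;
    if (system(NULL) != 0) s |= JB_SHELL;  /* non-zero: a shell exists */
    if (fork_allowed()) s |= JB_FORK;
    return s;
}

int main(void) {
    unsigned s = jailbreak_signals(jb_paths);
    printf("path=%d shell=%d fork=%d\n",
           !!(s & JB_PATH), !!(s & JB_SHELL), !!(s & JB_FORK));
    return 0;
}
```

On a desktop Unix the shell and fork bits are set as a matter of course, which is why the result only means something when evaluated inside the iOS app sandbox.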
Blocking all jailbroken users probably wouldn't help you fight app piracy if you released a game on the App Store because it would force them to get a pirated version of the game to be able to play (instead of giving them the possibility to pay to play the game).
What you'd want is to check if the game is a legit version off the App Store. But even that could be potentially patched by the guys who crack games to release them...
You can check if the currently running executable is encrypted, which is a good way to know if the app has been pirated by looking at this answer.
Otherwise if it's a free game with in-app purchase, doing receipt validation helps block out most tweaks that get around paying for in-app purchases.
But there's definitely no way to absolutely block out app piracy.
You could always mention how hard you worked on that game within the game... That could convince a few people to pay for the legit version of the game.

Detect which app is in foreground on iOS9 without jailbreak

I'm trying to log users' individual app usage on iOS9.
I'd rather prefer that it wouldn't use jailbreak-limited solutions, self-explanatory. Doing the variation of this app on a jailbroken phone shouldn't be hard.
This will certainly not be released on the App Store as Apple wouldn't allow it.
I'm looking for any private API that can do this, any hidden iOS APIs that can be used to do this. ANYTHING.
What I've already looked through:
how to determine which apps are background and which app is foreground on iOS by application id
How to know about app launched and details jailbreak iOS 7
Is there a private API to be able to detect what is current foreground app on iOS?
How to monitoring App running in the foreground in iOS8?use the PrivateFrameworks SpringBoardServices
which proved to be relatively helpful - we now can assume that there is some sort of additional access requirement, probably an entitlement, but we don't really know what it should look like
Can you find individual app usage duration using SpringBoard services framework or other private framework?
Find out active application or if on Springboard
Programmatically detect which iOS application is visible to user
However all of these proved to be unhelpful because Apple fixed this security flaw with iOS8 and the method to copy/access the currently front most app bundle identifier no longer works.
Question is: Is there someone who knows a workaround using different tools/exploits that do not require jailbreak?
Ideas:
inspecting the processes running on the device and devising an algorithm that would be able to recognize spikes that mean an app has been launched, which potentially could work, but it probably would be a major pain in the ass. Questions mentioning this solution:
Detect which app is currently running on iOS using sysctl,
Return a list of running background apps/processes in iOS
How to get Names of Background Running Apps
Find Background running apps in iphone
inspecting the phone's traffic somehow?
not sure if there is some kernel stuff that I could do
Here is my Reddit version of this question if anyone wants to check it out. Also if it's of any value, here are the runtime headers for iOS9 and list of Apple's private APIs.
Unfortunately, I was looking for a similar solution and have come to the conclusion that, at least at this point in time, there are no known methods that will allow you to determine app usage on iOS. Even the MDM providers such as Good, Airwatch, MobileIron, etc. don't seem to be able to do this. If anyone is able to come up with a solution, I'd love to see it.
For now, however, I think we would have seen a solution if someone had one that worked on the latest iOS.
sysctl is still open but they block certain combinations of selectors. I did this on iOS 7 and gave Apple Product Security the code. They won't patch iOS 7 but rely on App Review. iPhone 4 is wide open.

How does an iOS screensaver app work?

A client of mine recently came up with a few apps he came across while browsing online. Specifically, he discovered that there are apps that call themselves 'screensavers', and now he wants me to make him a screensaver app.
The obvious problem is that I don't know of any way to make my app open (displacing whatever is in the background) based on a lack of user input in another app! In fact, I would have sworn that it was completely impossible to do so.
So, to wrap up the question -- is it possible to make such an app, and if so how? Or are those apps really, really, badly labeled?
I just tested 3 of the top "screen-saver" applications on my iPad. None of these can turn themselves on, without the user launching them. They are really badly labeled products. In a non-jailbroken device, launching the screensaver application without user interaction is not possible.
Cydia Screensaver Application for Jailbroken devices.
You're correct -- it isn't possible to open an app with no user interaction with a stock device, although there are jailbroken packages that will complete a task similar to this.
You should explain to your client that these "screensaver" apps usually gimmick the reader into downloading them as if they function as do screen savers on personal computers.
