How to secure plist files in Jailbroken devices? - ios

We develop several apps/games. We store/retrieve data from plist.
But on jailbroken devices plist files are editable through several
tools.
I have searched and found the following:
How to secure plist or NSUserDefaults
http://useyourloaf.com/blog/2010/03/29/simple-iphone-keychain-access.html
https://github.com/matthiasplappert/Secure-NSUserDefaults
Those tutorials tell how to prevent your plists from being changed.
But we don't want to let the users (harmful users) see any data.
Is there any way?

The main question is who are you protecting it from?
1) If you want to protect your plist from the prying eyes of an unsophisticated user (just an average guy with some tool), all you need is to encrypt the plist (even a hardcoded key should be enough)
2) If you want to protect it from a hacker who has access to the phone, then you will have to take a lot of actions - you need a passcode, this passcode should be long, it should be hashed with salt and this should be used (directly or indirectly) as a key for protection. This way, a hacker without knowledge of the password won't be able to get to your plist.
3) If you are trying to protect from malware which is specifically designed to get data from your running app - you are screwed. Since the jail is broken on jailbroken devices, malware can literally do anything and it will always be able to copy your plist out of memory when your application decrypts it.
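Point 2 of the answer above (a long passcode, hashed with salt, used as the key) sketched as an added example that is not part of the original answer. It assumes PBKDF2-HMAC-SHA256 as the salted hash; the function names, the salt length and the iteration count are illustrative choices.

```swift
import CommonCrypto
import Foundation
import Security

// Random per-install salt. It is not secret and can be stored in the clear
// next to the encrypted plist; only the passcode has to stay in the user's head.
func makeSalt(length: Int = 16) -> [UInt8]? {
    var salt = [UInt8](repeating: 0, count: length)
    let status = SecRandomCopyBytes(kSecRandomDefault, length, &salt)
    return status == errSecSuccess ? salt : nil
}

// Stretch passcode + salt into a 256-bit AES key with PBKDF2-HMAC-SHA256.
// The iteration count is an assumed value; tune it for the slowest target device.
// The derived key is never written to disk: it is recomputed from the passcode
// each time the plist has to be decrypted.
func deriveKey(passcode: String, salt: [UInt8], rounds: UInt32 = 200_000) -> [UInt8]? {
    let keyLength = kCCKeySizeAES256
    var key = [UInt8](repeating: 0, count: keyLength)
    let status = CCKeyDerivationPBKDF(
        CCPBKDFAlgorithm(kCCPBKDF2),
        passcode, passcode.utf8.count,
        salt, salt.count,
        CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
        rounds,
        &key, keyLength)
    // Never hand back the zero-filled buffer if derivation failed.
    return status == Int32(kCCSuccess) ? key : nil
}
```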

Related

Why is it obvious to not store password in NSUserDefaults?

I've been googling around on how to store a password, and most of the people say that the only acceptable option is Keychain. I implemented that kind of approach, due to rush. But now I am curious what is that obvious thing to not store passwords in NSUserDefaults and is it ok to store password in CoreData?
So far I understood that NSUserDefaults are stored as plain text in a plist file. But how may one access this file? I've read that it is possible to do with the help of a Lightning cable and iTunes, but didn't find how to do that.
Thanks in advance!
Data you store using NSUserDefault is saved in a simple plist, in binary format, without any encryption. There are many tricks to read or modify this data.
Jailbreak users can use iFile to view or modify plist files. Non-jailbreak users can use other software like iExplore or iFunBox to do this. This software allows users to explore the iOS filesystem without having the phone jailbroken.
Long story short -- anyone can see or modify data in NSUserDefault. So if you don't want to share your detail publicly, you should never store them in NSUserDefault.
The problem here is the jailbroken device: while the device is jailbroken, it allows other apps/tweaks to interfere with the sandbox files inside the app, and thus they can search/read the .plist file in there. At least that's what I know of.

NSFileProtection on Jailbroken device

I need to secure some sensitive data in my app. I would like to use NSFileProtection to do that. I'm wondering, will a user be able to browse files protected with NSFileProtection if he jailbreaks his device? If yes, is there any other way to protect such data on a jailbroken device?
NSFileProtection does not offer any real protection from code executed on the device with root privileges. Without a pincode you can just open any file. With a pincode, files will not be accessible when the device is locked, but it's easy to intercept the pincode being entered and use it later to programmatically disable protection and open any file at any time. But if the user himself wants to get access then he will not be using a pincode in the first place.
As to other ways of protection, I don't think you can properly secure anything from a skilled user. There are a couple of ways but there are always ways around them:
Encrypt the data and store encryption keys locally. The user could find the keys and decrypt everything.
Encrypt the data but store encryption keys on the server side, never cache them anywhere locally. The user could sniff web traffic and get the keys. SSL with certificate pinning will protect you from that. But the user can always patch your app's binary or use hooks to either disable encryption altogether or dump encryption keys.
Don't store anything locally, always access data from the web. Use SSL with certificate pinning to avoid sniffing. But again, binary patches and hooks are still possible.
So I don't think you can fully secure your data but you can make protection sufficiently difficult to reverse engineer and disable so that most of the users will not go through it.

secure data persistence of string array

I am displaying a list of images in collectionView. Those images are stored in an array of strings and are available only if user previously bought them as an IAP. The next time the user launches an app, newly bought images should be available to the user. I am wondering, what is the appropriate/secure way of saving such an array? It should be secure and hacker proof. Could you guide me in the right direction?
Images compiled into the app are part of the bundle and as such cannot be modified due to permissions and signing. There is no reason to put them in NSUserDefaults and that is a poor storage place for many reasons. On a jailbroken iDevice most security is bypassed.
If they were to be encrypted the app would need the encryption key, and that is problematic since it also needs to be available to the app.
It is very difficult to secure anything from the device owner.

How to protect data in ApplicationSupport folder from unauthorized access in iOS?

I'm working on an app which will download JSONs from a server, store them in the /Library/Application Support/ folder and use them afterwards.
But after running the app on my iPad, I can see all the files including the JSONs in the Application Support folder (the Documents folder is also visible) using a Mac OS X app named iExplorer.
Is there any way to prevent unauthorized people from accessing the Application Support folder? (Because now anybody who has the app running on their device can access sensitive information including the JSONs.) Can anybody help me?
Sorry if this question is stupid as I'm a newbie to iOS app development! Any help regarding this would be greatly appreciated.
P.S. I tried the Data Protection API and it only works when your device is locked via passcode. You can still access the data if you unlock your device with the passcode.
Encrypt the data so it is unusable by an attacker.
Prepare:
  1) Create a random key
  2) Save that key in the Keychain
Encrypt:
  1) Get that key from the Keychain
  2) Encrypt the file with AES using the key
  3) Save the file to the desired directory.
Decrypt:
  1) Get that key from the Keychain
  2) Read the file into memory.
  3) Decrypt the file with AES using the key
Use Common Crypto for the cryptographic functions.
Something to get started with, a 256-bit random key for AES:
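    import CommonCrypto
    import Security

    // Generate a 256-bit random AES key from the system CSPRNG.
    func generate256BitKey() -> [UInt8]? {
        let keyLength = Int(kCCKeySizeAES256)
        var key = [UInt8](repeating: 0, count: keyLength)
        let status = SecRandomCopyBytes(kSecRandomDefault, keyLength, &key)
        // Never use the buffer if the random generator reported an error.
        return status == errSecSuccess ? key : nil
    }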
I assume that by "unauthorized user" you mean "the owner of the device." The owner of the device cannot be considered an unauthorized user for data you send to or store on their device. Zaph's answer provides some obfuscation, but does not protect the information from the device owner. Just like data protection, this type of encryption can be reversed by anyone who can read the keychain. These techniques are to protect the user from attackers, not you from your user.
There is no effective technique to protect you from your own user. There are various obfuscation techniques (such as encryption with a key stored on the device), but they're all circumventable. There are many posts discussing this in depth. A good starting point with links to more is Secure https encryption for iPhone app to webpage and http://robnapier.net/obfuscating-cocoa.
For most problems, a little obfuscation is probably fine. It won't stop dedicated attackers, but nothing you're likely to do will either, so something simple is fine. Just don't believe it's going to protect you from your own users. That's a much, much harder problem (see the links for more on that).

How secure is NSUserDefaults when used to configure an Enterprise Application via an MDM?

I've been researching literature about the security aspect of the NSUserDefaults leveraged by the ManagedAppConfig capability of iOS.
We are leveraging this "new" iOS capability to configure our enterprise application via various MDM systems used in our customers' landscape.
A debate is now raging on how secure it is.
From our side, the only way that we have found to get this information is to actually jailbreak the device, which of course would be detected by the MDM system.
Any other security vulnerability that we may have missed there? Has anybody looked into the security aspect of this feature?
Thanks!
Ingrid.
Everything you store in NSUserDefault is easily accessible (with an app like iExplorer for Mac, for example). No need to jailbreak. It is all stored in a .plist file in the Library/Preferences folder of your app.
I had to hide some information before; the way I did it was by using Data Encryption. For more information, read the section called Enabling Data Protection.
All you would need to do after enabling correct data protection is to create a file and store your configuration there. By setting the Data Encryption to NSFileProtectionComplete, your file will be visible, but not readable when the device is locked. For this to work, the user must have set a password on his device.
