Reading Files belonging to other Apps iOS - ios

I am currently coding a backup app for iOS, and I want to have options to let the user back up things like Application Data (other app's documents, etc,) Contacts, Safari Bookmarks, and all that fun stuff.
I'd like to know if that's possible, how I'd do it, and where those files are stored, and most importantly, if this is actually allowed by Apple. I read through their docs, and I haven't seen anything that speaks against it.

It's not possible. Your app isn't even capable of reading the documents from other apps. This is accomplished via sandboxing. Every read/write your application tries to do to the filesystem is checked by the kernel to ensure you're staying within your sandbox. The documents belonging to other apps are outside of your sandbox, so you cannot see them.

They aren't allowed. All iOS apps are sandboxed, and can't access other apps' data.

Your app, naturally is in a sandbox, which does not allow you to read outside of the app. If you jailbreak your device, then yes, it is possible.

Related

Is it possible to take all backed up data without jailbreak from iCloud (public,shared,private) by any app/tool, provided with iCloud credentials?

I am trying to build a mobile monitoring tool/app for iOS without Jailbreak. The only possible way to perfectly access all installed app's content is through iCloudKit.
Also I found Apple's MDM come a little close to this for BYOD devices but yet accessing individual application's data is not possible.
During all this process, I came across some website fonemonitor and phonemonitor (with and without) who claim to do the same without Jail Break.
So here is my question is it possible to take any application's data if we get access to the users iCloud account? Also, are all public, private and shared data accessible via iCloudKit? As the documentation clearly states private data is untouched.
How does app monitoring work for any iOS Devices through these websites. Any lead would actually help!

iOS Secure File Storage Issue

I have an iOS app which keeps sync with a database of PDF documents via a RESTful web service. Basically, the app downloads a few PDF's which I am storing to the file system in my app.
I am using the Library/Caches directory.
NSSearchPathForDirectoriesInDomains(NSCachesDirectory, NSUserDomainMask, YES)
My requirement is to store the files such that the user cannot gain access to them in any way. When I write the file, I am also providing the option: NSDataWritingFileProtectionComplete
[decodedFile writeToFile:newFilePath options:NSDataWritingFileProtectionComplete error:nil];
However, I am still able to access the files through Devices -> Select My App -> Download Container...
I need to configure the app such that the downloaded content cannot be accessed by anything but the app itself. There must be a way to do this, but I have been unable to find anything...?
This is not a solvable problem. If this were a solvable problem, then it would be trivial for Apple to prevent Jailbreaking. They would just write a system validation key in whatever place the user cannot possibly access. The fact that Jailbreaking is possible despite Apple controlling every part of the ecosystem should put in perspective your chances of protecting data that you've written to a user's device from that user.
This has been discussed several times, including thoughts on what you actually can do and what's worth doing (nothing is going to be 100%; nothing is even going to be 90%). You can look over the previous incarnations of this question for more. Secure https encryption for iPhone app to webpage is a good place to start, since it includes links to several of the others.

Programmatically How to wipe out iPhone or iPad data in i phone apps

I am developing an application for security purpose which has 1 requirement as "Wipe out iPhone or i pad data completely if device is stolen".
While doing search for this functionality, I came across one application "Find My iPhone" here which supports this feature of "remotely wipe out all data".
(http://www.howtogeek.com/77158/how-to-remotely-lock-or-wipe-your-ios-5-device/)
But i want to this functionality through programmatically in my app.Can someone give me a solution for this problem?
And is it possible to do this functionality through programmatically?
You cannot completely wipe a standard iPhone's data from an app. The app runs in a sandbox environment so you cannot access data from other apps or iOS itself meaning that you cannot wipe it. That being said, you could wipe photos and contacts programmatically as long as the user grants you access to contacts and photos.
There is NO WAY that Apple would let programmers wipe data remotely for the entire device.
Instead of doing that, maybe you should have functionality in your app where if server returns a particular flag, you would delete all the data stored locally on your app, by you (like login details for your app, personal data stored in Documents). I suggest that, because I've done it before.

Difference in security of a jailbroken iphone

just to be more specific, I would like to know more about the system files that can be accessed with regards to a jailbroken phone.
From what I understand, each ios application has its own sandbox. A phone has root access once it is jailbroken, allowing creation of 3rd party system applications which result in accessing the system files. However, if I am not wrong, the sandbox is still there just that it has lesser restrictions hence allowing accessing of system files?(not sure about this part too).
So for a jailbroken phone, what kind of critical system files are we able to access from our created application that will go through the sandbox and which are not accessible from a unjailbroken phone? Is contact list a part of the critical system files, although I believe we are still able to get contact list without a jailbroken phone using the Address Book frameworks.
I may be wrong, but my term of Critical system files refers to system information that normal users would not like others to get hold of so I was thinking if contact list is part of it even though it does not require a jailbroken phone.
Without taking Tweaks into consideration, an app is able to read/write/execute in the root directory /. Tweaks are able to do whatever they want (just like the app would - even an Apple pre-installed app), depending on where they are hook-ing. For example, a tweak I was working on for MobileSMS (the SMS app) can give me the passcode of your iCloud account stored in the keychain by default.
Long story short, jailbreaks equals zero security for an average user. On the other hand, there is only one exploit (at least to my knowledge) currently, that attacked iOS and came from GeorgiaTech a few months ago, hidden in an app on the App Store.

iOS App Memory Limit

I wrote an iphone app that as a first function allows the user to download files. The user then manipulates these files in a particular way that wants them to be in memory.
It's not necessary that all of the files the user gets are in memory, just a few at a time that are well within memory constraints. However, the option to download the rest later is not available because of location assumptions (mainly that there is no assumption the user will be within wifi or data reception).
Is there a way around this? One example would be to have some sort of permanent write that I could access. Is that how the file storage apps solve this?
Thanks.
Could you use a server to do the manipulation instead of the app? iphone app sends the link to the server, server does the manipulation, and the the iphone downloads the manipulated link.

Resources