Re: Using NSValueTransformer for encryption
- Subject: Re: Using NSValueTransformer for encryption
- From: Keary Suska <email@hidden>
- Date: Sat, 12 Jan 2008 12:06:17 -0700
- Thread-topic: Using NSValueTransformer for encryption
on 1/10/08 11:47 PM, email@hidden purportedly said:
>> This will not guarantee, in any way, that the value will truly be removed
>> from memory. Just so you know.
>>
> Hi Keary,
>
> what's the reason for that? Is there a new NSString object created when I
> modify a NSTextField's stringValue?
I am mostly talking about a couple of issues: 1) the lifecycle of
autoreleased objects is difficult to predict; and 2) even when an object is
released and memory is freed, the values can still exist in memory in an
intact form. AFAIK, memory is not zeroed out when it is freed, so a sequence
of bytes may still exist.
Combining issues of bindings, editing, and display, strings can be retained,
copied, and autoreleased. Other issues can also affect the life of an
object, such as modal sessions, where the autorelease pool will not be
cleared until the session ends.
There are also other things that I am likely overlooking, but I would say
that the bottom line is simply that setting the NSTextField string value to
an empty string will not necessarily make the decrypted value disappear.
Here is a somewhat simple, although not definitive, test: decrypt the value,
change the NSTextField, run the run loop (should purge the autorelease
pool), then dump core. Scan core for a series of bytes matching decrypted
value. If it's not there, then you could say that discovering the decrypted
value is impractical enough that someone without free access to the computer
that the application is on is not likely able to discover it. However,
someone with physical access to the computer could get the data regardless
of what you do. There is no way around this other than using external
devices such as encryption cards or dongles that are not kept with the
machine, and even then....
Anyway, as long as you are employing secure programming best practices, that
is the best you can do. You really can't guarantee anything, especially with
Obj-C.
Best,
Keary Suska
Esoteritech, Inc.
"Demystifying technology for your home or business"
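The core-scan step of the test described in the message above, as an added example that is not part of the original post: it searches a dump file for a known test value and reports every offset where it survives. The function name `scan_dump`, the sample value, and the choice of UTF-8 and UTF-16 as the encodings to search are assumptions made for this illustration.

```python
import os
import tempfile

# Assumption: the plaintext may sit in memory as 8-bit or UTF-16 text,
# so each encoding is searched separately.
ENCODINGS = ("utf-8", "utf-16-le", "utf-16-be")


def scan_dump(path, secret, chunk_size=1 << 20):
    """Return sorted (offset, encoding) pairs where `secret` occurs in the file."""
    if not secret:
        raise ValueError("secret must be non-empty")
    needles = {enc: secret.encode(enc) for enc in ENCODINGS}
    # Carry this many bytes between reads so a match that straddles two
    # chunks is still seen whole.
    overlap = max(len(n) for n in needles.values()) - 1
    hits = set()  # a set, because a match inside the carried tail is seen twice
    tail, base = b"", 0  # base = file offset of buf[0]
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            buf = tail + chunk
            for enc, needle in needles.items():
                pos = buf.find(needle)
                while pos != -1:
                    hits.add((base + pos, enc))
                    pos = buf.find(needle, pos + 1)
            tail = buf[-overlap:] if overlap else b""
            base += len(buf) - len(tail)
    return sorted(hits)


if __name__ == "__main__":
    # Constructed sample standing in for a core file; the value is made up.
    value = "s3cr3t-PIN-4921"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"\xaa" * 100 + value.encode("utf-8"))
        tmp.write(b"\xaa" * 50 + value.encode("utf-16-le") + b"\xaa" * 10)
    for offset, enc in scan_dump(tmp.name, value, chunk_size=7):
        print(f"0x{offset:x}  {enc}")
    os.unlink(tmp.name)
```

An empty result only means the value was not present in these encodings at the moment the dump was taken.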