• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag
 

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: file encription/decriptoin iOS
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: file encription/decriptoin iOS


  • Subject: Re: file encription/decriptoin iOS
  • From: Sandor Szatmari <email@hidden>
  • Date: Mon, 26 Jun 2017 22:25:51 -0400

This is an interesting thread.  The OP's original question made me think of the
functionality Apple recently (how recently I'm not sure) added to the iOS Notes
app.  It allows you to selectively 'encrypt' (password protect) a note.  This
functionality allows you to pass your phone to someone to let them read a note
and not worry about them skipping to your note with all your 'secret info'.
Also, if someone got your phone in an unlocked state, (it could happen I guess)
they couldn't trust a Mac and browse to plain text files.

I must say at this point I whole heartedly agree with all the warnings for
implementing encryption schemes.  But is there not also a valid use case here?
Unless I'm misunderstanding things, Apple seemed to think so.

Sandor

> On Jun 26, 2017, at 13:59, Jens Alfke <email@hidden> wrote:
>
>
>> On Jun 26, 2017, at 9:50 AM, Alex Zavatone <email@hidden> wrote:
>>
>> You can use the iExplore app to look in the Documents folder of any device
>> you attach to your Mac.
>
> But you can only attach a device to your Mac if the device is unlocked, since
> you have to OK the “Do you trust this computer?” alert.
> As recent court cases have shown, unlocking an iOS device against the owner’s
> will is nearly impossible.
>
>> Also, data protection SUCKS because it locks the files if the app goes in to
>> the background, basically suspending any file based background operations
>> like sql db updates.
>
> It does this by default, but you can alter those settings if you need
> background access to certain files, basically trading some security for
> greater access.
>
>> Thanks to the help of Chris Thorman, I was able to update an AES256 hmac
>> method to work with UTF-8 char sets.  We use this for data security over
>> http.
>
> It’s much easier to just enable SSL/TLS on the HTTP server. (Though I realize
> there are cases where you don’t have control over the server, or
> circumstances prevent deploying HTTPS.)
>
>> Now, it might be overkill or just bad design, but we use a CoreData db with
>> transformable property and encrypt the data stored.
>
> How do you store the encryption key? That’s often the downfall; even if you
> put it in the Keychain, it can be accessed by an attacker if your app’s files
> are accessible (unless you add TouchID authentication to it.)
>
> (Also, I hope you’re using a different IV for each record you encrypt. Sorry
> to be a broken record about this, but it’s important.)
>
> —Jens
> _______________________________________________
>
> Cocoa-dev mailing list (email@hidden)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Follow-Ups:
    • Re: file encription/decriptoin iOS
      • From: Jean-Daniel <email@hidden>
    • Re: file encription/decriptoin iOS
      • From: Alastair Houghton <email@hidden>
    • Re: file encription/decriptoin iOS
      • From: Jens Alfke <email@hidden>
References: 
 >file encription/decriptoin iOS (From: email@hidden)
 >Re: file encription/decriptoin iOS (From: Alastair Houghton <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Alex Zavatone <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Jens Alfke <email@hidden>)

  • Prev by Date: Re: Is cloning the same as copying in APFS?
  • Next by Date: Re: Is cloning the same as copying in APFS?
  • Previous by thread: Re: file encription/decriptoin iOS
  • Next by thread: Re: file encription/decriptoin iOS
  • Index(es):
    • Date
    • Thread