Re: file encription/decriptoin iOS
Re: file encription/decriptoin iOS
- Subject: Re: file encription/decriptoin iOS
- From: Sandor Szatmari <email@hidden>
- Date: Wed, 28 Jun 2017 09:33:35 -0400
I thought there were both local and iCloud Notes, no?
Sandor
> On Jun 28, 2017, at 09:14, Jean-Daniel <email@hidden> wrote:
>
>
>> Le 27 juin 2017 à 04:25, Sandor Szatmari <email@hidden> a
>> écrit :
>>
>> This is an interesting thread. The OP's original question made me think of
>> the functionality Apple recently (how recently I'm not sure) added to the
>> iOS Notes app. It allows you to selectively 'encrypt' (password protect) a
>> note. This functionality allows you to pass your phone to someone to let
>> them read a note and not worry about them skipping to your note with all
>> your 'secret info'. Also, if someone got your phone in an unlocked state,
>> (it could happen I guess) they couldn't trust a Mac and browse to plain text
>> files.
>
> Notes are sync with iCloud and can be read on a Mac where this is far more
> common to share a session.
>
>> I must say at this point I whole heartedly agree with all the warnings for
>> implementing encryption schemes. But is there not also a valid use case
>> here? Unless I'm misunderstanding things, Apple seemed to think so.
>>
>> Sandor
>>
>>>> On Jun 26, 2017, at 13:59, Jens Alfke <email@hidden> wrote:
>>>>
>>>>
>>>> On Jun 26, 2017, at 9:50 AM, Alex Zavatone <email@hidden> wrote:
>>>>
>>>> You can use the iExplore app to look in the Documents folder of any device
>>>> you attach to your Mac.
>>>
>>> But you can only attach a device to your Mac if the device is unlocked,
>>> since you have to OK the “Do you trust this computer?” alert.
>>> As recent court cases have shown, unlocking an iOS device against the
>>> owner’s will is nearly impossible.
>>>
>>>> Also, data protection SUCKS because it locks the files if the app goes in
>>>> to the background, basically suspending any file based background
>>>> operations like sql db updates.
>>>
>>> It does this by default, but you can alter those settings if you need
>>> background access to certain files, basically trading some security for
>>> greater access.
>>>
>>>> Thanks to the help of Chris Thorman, I was able to update an AES256 hmac
>>>> method to work with UTF-8 char sets. We use this for data security over
>>>> http.
>>>
>>> It’s much easier to just enable SSL/TLS on the HTTP server. (Though I
>>> realize there are cases where you don’t have control over the server, or
>>> circumstances prevent deploying HTTPS.)
>>>
>>>> Now, it might be overkill or just bad design, but we use a CoreData db
>>>> with transformable property and encrypt the data stored.
>>>
>>> How do you store the encryption key? That’s often the downfall; even if you
>>> put it in the Keychain, it can be accessed by an attacker if your app’s
>>> files are accessible (unless you add TouchID authentication to it.)
>>>
>>> (Also, I hope you’re using a different IV for each record you encrypt.
>>> Sorry to be a broken record about this, but it’s important.)
>>>
>>> —Jens
>>> _______________________________________________
>>>
>>> Cocoa-dev mailing list (email@hidden)
>>>
>>> Please do not post admin requests or moderator comments to the list.
>>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>>>
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>> _______________________________________________
>>
>> Cocoa-dev mailing list (email@hidden)
>>
>> Please do not post admin requests or moderator comments to the list.
>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>>
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden