5

I have an iOS app in which I download files to local storage. I've done the following to keep these local files secure: - Store them outside the documents folder (I use the library folder) - Use complete file encryption

But today I came across iFunbox. This is a tool that enables you to browse the filesystem of your iOS device without a jailbreak! What I noticed that if the device is unlocked I can browse all the files in the sandbox. Fortunately when the device is locked the files become inaccessible.

What I was wondering if there is anything I can do to further protect these files when the device itself is unlocked? So how can I protect my files from tools like iFunbox?

Deddiekoel
  • 1,939
  • 3
  • 17
  • 25
  • 1
    If they're encrypted, what does it matter if they're accessed? Storage outside ~/Documents is grounds to be rejected by Apple too. – Jessedc Sep 10 '12 at 21:11
  • When the device is unlocked the encryption is removed and the files are completely accessible for iFunbox. – Deddiekoel Sep 10 '12 at 21:33
  • You can still use iOs encryption to encrypt the files encrypted by you, that's the main idea. – A-Live Sep 10 '12 at 21:47
  • @Deddiekoel If you encrypt the files yourself then passcode or not, there's no issue. – Jessedc Sep 10 '12 at 21:49

4 Answers4

5

This filesystem browsing utilities will only work when your device is unlocked, what you can do to greatly improve the security is to require the passcode protection for the devices running the app. That could be done for internal corporate applications where the data is extremely valuable, I believe it must be approved by Apple as well.

To find out if the passcode is set you will check the protection attributes of a dummy file created by you at allowed place: https://stackoverflow.com/a/6192536/792677

Then if the passcode is not set you can show the notification that the application requires it. I'm sure you could set device to require to enter the passcode by private API with the help of Apple engineers, but it would be private information anyway, right ?

The general advice will be to use a strong encryption and to perform the passcode check showing some security alert notifying the user his data is in danger if it isn't set.

Community
  • 1
  • 1
A-Live
  • 8,904
  • 2
  • 39
  • 74
  • My app is an internal app and the passcode is required through a profile. However when the passcode is 'broken' everything becomes accessible very easily in my opinion. So I'm looking for a better way to secure the data. – Deddiekoel Sep 10 '12 at 21:31
  • 1
    Take a look at CCCRypt http://developer.apple.com/library/ios/#DOCUMENTATION/System/Conceptual/ManPages_iPhoneOS/man3/CCCrypt.3cc.html and On-Disk Encryption http://developer.apple.com/library/ios/#documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/AdvancedAppTricks/AdvancedAppTricks.html#//apple_ref/doc/uid/TP40007072-CH7-SW6 And you might want to learn more about remote Wipe, i don't know whether that is already supported by the corporate devices you are going to ship the app to. – A-Live Sep 10 '12 at 21:38
  • Yes, remote wipe is enabled. So in case of a known breach we should be ok. However if the device is taken offline, this will not work either. – Deddiekoel Sep 10 '12 at 21:42
  • That's why you give the bad guys only encrypted files and save unencrypted as little as possible (settings bundle, info.plist, you can even encrypt strings and other resources which will require more runtime logic though) – A-Live Sep 10 '12 at 21:44
  • Apparently, according to iFunbox website, this answer is wrong! It says: "The best part about using iFunBox is it requires no jailbreak at all. " http://www.i-funbox.com/about_us.html – Ravindranath Akila Dec 10 '13 at 02:02
  • @Ravindranath Akila and the best part of filling website is that you can write anything there. What is your actual experience, do you have an update for the answer ? Feel free to write the new answer if so. And a small update from me, passcode requirement could be set using MDM, but the OP probably knew it from beginning. – A-Live Dec 12 '13 at 07:48
  • You can access the file system on a non jail broken device, at least, my iPad isn't jail broken and I can. But not the Unix / as far as I can see. – Ravindranath Akila Dec 13 '13 at 10:05
  • @Ravindranath Akila jailbreak was neither a requirement for fs browsing at the time this answer was given. I can't provide exact details, but basically the fs browsing software utilized information at OS left after device synchronization via iTunes. If the device has never been synced to a stranger's OS and it has passcode protection, this software should not be able to read its fs. Feel free to experiment and give us more feedback. – A-Live Dec 16 '13 at 12:10
1

There's nothing you can do to stop access by apps like iFunBox. They're accessing things at the iOS filesystem which has nothing to do with your app.

If your files are encrypted correctly then that's all you can do.

FWIW you need to make sure you're adhering to the Data Storage Guidelines when you store documents in places other than ~/Documents, ~/Library/Caches and ~/tmp

Jessedc
  • 12,320
  • 3
  • 50
  • 63
  • Please cite the section in the terms that specifies this. I personally know that quite a number of apps store documents in other places, including Library and Caches. In fact, Apple actually encourages this in many cases. BTW< that's not meant as a challenge, but a genuine interest. I just went back and skimmed the terms, and did not see that, so I'd really be interested in it. Thanks! – Jody Hagins Sep 10 '12 at 21:30
  • The Data Storage Guidlines state where things should go. ~/Library is not one of the places they stipulate. I've updated the answer. – Jessedc Sep 10 '12 at 21:45
  • OK, the edited answer falls in line with my expectations (as if that meant anything). – Jody Hagins Sep 10 '12 at 21:57
0

Second answer is to store them in the cloud.

  • iCloud
  • DropBox
  • Amazon S3
  • Insert remote service here.

By not ever storing the documents on the device you solve your problem, however it may be less secure in some people's minds.

Jessedc
  • 12,320
  • 3
  • 50
  • 63
  • My app needs to work offline, that's why I store the documents locally... So cloudstorage is not an option for me. – Deddiekoel Sep 10 '12 at 21:32
  • @Deddiekoel that wasn't specified in the question. – Jessedc Sep 10 '12 at 21:42
  • While it was not said in the question the data should be stored offline, isn't it obvious that such a critical data could never be sent to 3rd party servers without tons of legal and technical preparations or approvals ? – A-Live Sep 10 '12 at 21:51
  • @A-Live The only thing that is obvious in these types of discussions are what you make obvious. None of us have any clue about your application requirements, except what you share. Also, remember, while this community is an awesome resource, it's still a place where you are getting advice from almost total strangers. – Jody Hagins Sep 10 '12 at 21:53
  • @A-Live All I can say is that If I had mission critical data like the OP seem to have, I wouldn't be allowing it to be distributed by an app that secures it with answers provided by Stack Overflow users. – Jessedc Sep 10 '12 at 21:57
  • Thank both of you for the comments, but let's be positive here, if everyone think something is impossible they will never find a way to do it, right ? SO is definitely not the software engineering cornerstone but that is a good place to learn more. Also I'm pretty confident the OP has more reliable and experienced professionals to address the question, but we are not them and we still need to do our best, otherwise it is better to go to Youtube for another funny video. – A-Live Sep 10 '12 at 22:09
0

You need to set a passcode to prevent the device from pairing with a computer. But once the device has been paired there is no way in iTunes to unpair it.

You can remove the pairing using DiskAid 6 (http://www.digidna.net/diskaid)

Have look to this http://support.digidna.net/entries/22584881-About-Wi-Fi-and-Pairing-in-DiskAid-6

user2280724
  • 21
  • 2