iOS: When I open my app from iMazing, how to hide and protect from read and protect from copy on the mac a specific folder?

Question

With Swift or with Obj-C, I have done an app, and I store sensitive data in a specific folder in the app. Now, I would like the user not be able to see that folder and not able to copy it on his computer, or the best, to hide it with software like iMazing for example.

I tried to add a ".", this is not a solution at all: How to hide folder in NSDocumentsDirectory and disallow backup via iTunes & iCloud

I tried to store it in the Library folder, this is not a solution too, as it is accessible in iMazing: How to hide folders created in Document Directory in ios?

I don't want to use the Application supports iTunes file sharing because I need to access to the documents folder from the app with iMazing.

Does exist an intelligent and subtil solution that allows to store some files in the iPad not accessible with iMazing and not carried to the extreme as the "all or nothing" Application supports iTunes file sharing option?

NSArray *paths = NSSearchPathForDirectoriesInDomains(NSLibraryDirectory, NSUserDomainMask, YES);
NSString *libraryDirectory = [paths objectAtIndex:0];
BOOL isDir = NO;
NSError *error;
if (! [[NSFileManager defaultManager] fileExistsAtPath:libraryDirectory isDirectory:&isDir] && isDir == NO) {
    [[NSFileManager defaultManager] createDirectoryAtPath:libraryDirectory withIntermediateDirectories:NO attributes:nil error:&error];
}

NSString *pathLibToCreate = [libraryDirectory stringByAppendingPathComponent:@"testDoc"];
NSString *pathDocToCreate = [[self documentsDirectory] stringByAppendingPathComponent:@"testDoc"];

if (![[NSFileManager defaultManager] fileExistsAtPath:pathLibToCreate]) {
    [[NSFileManager defaultManager] createDirectoryAtPath:pathLibToCreate withIntermediateDirectories:NO attributes:nil error:&error];
}

if ([[NSFileManager defaultManager] fileExistsAtPath:pathDocToCreate]) {
    [[NSFileManager defaultManager] removeItemAtPath:pathDocToCreate error:nil];
}
NSError *copyError = nil;
if (![[NSFileManager defaultManager] copyItemAtPath:pathLibToCreate toPath:pathDocToCreate error:&copyError]) {
    NSLog(@"Error copying files: %@", [copyError localizedDescription]);
}

Thanks in advance.

You may encrypt your data. Then you have to decrypt it when reading but no one else can read your data. — Obenland, Dec 11 '17 at 11:13

score 1 · Answer 1 · answered Dec 11 '17 at 11:12

1

I think this is not possible, at least if an user has a jailbroken device where he has access to all files on the system.

To prevent the user from having access to the content of a file, one option could be to encrypt the content of the file. Using the CommonCryptor framework that should be an easy task.

For encrypted databases you could use SQLCipher.

answered Dec 11 '17 at 11:12

Florian L.

849
2
8
22

Do you think that there a solution for an none jailbroken iPad? – ΩlostA Dec 11 '17 at 11:16
I don't know which interface iMazing is using. I think they extract the files from the backup file. Depending on how sensitive the data is i would not count on that no one gets the file but use encryption instead. – Florian L. Dec 11 '17 at 11:25

score 1 · Accepted Answer · answered Dec 14 '17 at 09:23

1

If you use "File Sharing" permission to NO and if you use a distribution profile, you won't be able to view your files in Amazing. I guess that it is because you use a developer profile for your app and then you're able to view these files.

answered Dec 14 '17 at 09:23

dt dino

1,194
6
19

If you use File Sharing to Yes in release application, you'll be able to view Document directory but not the app directory. So create your file in NSApplicationSupportDirectory for example, and it will not be accessed. – dt dino Dec 14 '17 at 10:33
Oh! I didn't try in release mode that's why I didn't understand that point. Thank you very much, you are a genius (by contrast to some people like Dávid Pásztor that are not here to help you, but to play the policemen). – ΩlostA Dec 14 '17 at 10:37
@dtdino Running on iOS11 and using a distribution profile. However I can still view the developer folder in iMazing. Is it a must to enable "File Sharing" to NO? – Huiting Apr 30 '18 at 08:42

score 1 · Answer 3 · answered Mar 01 '18 at 10:43

I'm one of the devs of iMazing. Indeed, the accepted answer is correct: iMazing and other similar tools will give access to the app's sandbox when in development. But there are 3 more cases to be aware of:

Jailbroken devices

iMazing will display all files, read/write access.

Devices running a version of iOS prior to iOS 8.3

Same here - before iOS 8.3, we could have access to app sandboxes, read/write too.

Access via iTunes backup

iMazing and similar tools have backup browsers which will let users see app sandboxes. Library and Documents folders, not Caches or tmp. If you really want to be safe, you'll need to explicitly exclude files from the backup. Of course, this has substantial drawbacks...

@ Gregzo, Good work with iMazing, we use it every day :D – ΩlostA Mar 01 '18 at 21:39 — ΩlostA, Mar 01 '18 at 21:39

iOS: When I open my app from iMazing, how to hide and protect from read and protect from copy on the mac a specific folder?

3 Answers3