> Le 27 juin 2017 à 04:25, Sandor Szatmari <admin.szatmari....@gmail.com> a > écrit : > > This is an interesting thread. The OP's original question made me think of > the functionality Apple recently (how recently I'm not sure) added to the iOS > Notes app. It allows you to selectively 'encrypt' (password protect) a note. > This functionality allows you to pass your phone to someone to let them read > a note and not worry about them skipping to your note with all your 'secret > info'. Also, if someone got your phone in an unlocked state, (it could > happen I guess) they couldn't trust a Mac and browse to plain text files.
Notes are sync with iCloud and can be read on a Mac where this is far more common to share a session. > I must say at this point I whole heartedly agree with all the warnings for > implementing encryption schemes. But is there not also a valid use case > here? Unless I'm misunderstanding things, Apple seemed to think so. > > Sandor > >> On Jun 26, 2017, at 13:59, Jens Alfke <j...@mooseyard.com >> <mailto:j...@mooseyard.com>> wrote: >> >> >>> On Jun 26, 2017, at 9:50 AM, Alex Zavatone <z...@mac.com> wrote: >>> >>> You can use the iExplore app to look in the Documents folder of any device >>> you attach to your Mac. >> >> But you can only attach a device to your Mac if the device is unlocked, >> since you have to OK the “Do you trust this computer?” alert. >> As recent court cases have shown, unlocking an iOS device against the >> owner’s will is nearly impossible. >> >>> Also, data protection SUCKS because it locks the files if the app goes in >>> to the background, basically suspending any file based background >>> operations like sql db updates. >> >> It does this by default, but you can alter those settings if you need >> background access to certain files, basically trading some security for >> greater access. >> >>> Thanks to the help of Chris Thorman, I was able to update an AES256 hmac >>> method to work with UTF-8 char sets. We use this for data security over >>> http. >> >> It’s much easier to just enable SSL/TLS on the HTTP server. (Though I >> realize there are cases where you don’t have control over the server, or >> circumstances prevent deploying HTTPS.) >> >>> Now, it might be overkill or just bad design, but we use a CoreData db with >>> transformable property and encrypt the data stored. >> >> How do you store the encryption key? That’s often the downfall; even if you >> put it in the Keychain, it can be accessed by an attacker if your app’s >> files are accessible (unless you add TouchID authentication to it.) >> >> (Also, I hope you’re using a different IV for each record you encrypt. Sorry >> to be a broken record about this, but it’s important.) >> >> —Jens >> _______________________________________________ >> >> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) >> >> Please do not post admin requests or moderator comments to the list. >> Contact the moderators at cocoa-dev-admins(at)lists.apple.com >> >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/mailman/options/cocoa-dev/admin.szatmari.net%40gmail.com >> >> <https://lists.apple.com/mailman/options/cocoa-dev/admin.szatmari.net%40gmail.com> >> >> This email sent to admin.szatmari....@gmail.com >> <mailto:admin.szatmari....@gmail.com> > _______________________________________________ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com > <mailto:Cocoa-dev@lists.apple.com>) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > <http://lists.apple.com/> > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/mailing%40xenonium.com > <https://lists.apple.com/mailman/options/cocoa-dev/mailing%40xenonium.com> > > This email sent to mail...@xenonium.com <mailto:mail...@xenonium.com> _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com