Re: Checking security settings?
Heh… fortunately I’m *very* early in the design of this, so yeah… nothing is set in stone yet. :-) On Sep 5, 2014, at 11:20 AM, SevenBits wrote: > On Friday, September 5, 2014, Quincey Morris < > quinceymor...@rivergatesoftware.com> wrote: > >> On Sep 5, 2014, at 10:15 , Britt Durbrow < >> bdurb...@rattlesnakehillsoftworks.com > wrote: >> >>> If I can’t find an officially supported way to do this, then yeah - >> that’s what I figure I’ll have to do. I was trying to avoid it due to user >> experience issues; requiring a second login, etc is cumbersome every time >> somebody wants to record something in the app… Oh well... >> >> It was never a workable idea, though. It’d be just as bad for a user to >> set a password of ‘123456’ as having no password, for example, and there’d >> never be an API that *told* you what the password was so you could check if >> it was good enough. Similarly, you’d never have a way of checking that the >> current screensaver actually *obscured* the screen contents. > > > That's very true - my current screensaver for example applies visual > effects to my screen - it distorts, but does not obscure, my screen > contents. Under HIPAA your idea was never workable due to practical > limitations. > Perhaps… most of the time there’s no data displayed onscreen; but there is an NSStatusItem that I need to keep “unauthorized” persons from interacting with… Also, there are distributed notifications that I can trap to lock any data display windows that do happen to be up when the screen locks. IANAL, but my understanding was that the quality of a user’s password was not a HIPAA requirement, just that there needed to be some method of user authentication (not that accepting ‘123456’, ‘monkey’, etc. is a good idea; just that it’s not **legally** required). > >> >> Given the rumors floating around about next week’s grand revelation event, >> you might also want to hold off making any decisions until you see what >> Apple will have to offer. With Health Kit, Home Kit, wearables and payments >> being bruited, there might turn out to be something secure that would ease >> the second-login problem. > > > Second. > I doubt that there will be any new APIs announced at that event… but even so, um, yeah… :-) I wonder if we’ll ever get TouchID on the desktop? ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking security settings?
On Friday, September 5, 2014, Quincey Morris < quinceymor...@rivergatesoftware.com> wrote: > On Sep 5, 2014, at 10:15 , Britt Durbrow < > bdurb...@rattlesnakehillsoftworks.com > wrote: > > > If I can’t find an officially supported way to do this, then yeah - > that’s what I figure I’ll have to do. I was trying to avoid it due to user > experience issues; requiring a second login, etc is cumbersome every time > somebody wants to record something in the app… Oh well... > > It was never a workable idea, though. It’d be just as bad for a user to > set a password of ‘123456’ as having no password, for example, and there’d > never be an API that *told* you what the password was so you could check if > it was good enough. Similarly, you’d never have a way of checking that the > current screensaver actually *obscured* the screen contents. That's very true - my current screensaver for example applies visual effects to my screen - it distorts, but does not obscure, my screen contents. Under HIPAA your idea was never workable due to practical limitations. > > Given the rumors floating around about next week’s grand revelation event, > you might also want to hold off making any decisions until you see what > Apple will have to offer. With Health Kit, Home Kit, wearables and payments > being bruited, there might turn out to be something secure that would ease > the second-login problem. Second. > > > > > ___ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com ) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/sevenbitstech%40gmail.com > > This email sent to sevenbitst...@gmail.com ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking security settings?
On Sep 5, 2014, at 10:15 , Britt Durbrow wrote: > If I can’t find an officially supported way to do this, then yeah - that’s > what I figure I’ll have to do. I was trying to avoid it due to user > experience issues; requiring a second login, etc is cumbersome every time > somebody wants to record something in the app… Oh well... It was never a workable idea, though. It’d be just as bad for a user to set a password of ‘123456’ as having no password, for example, and there’d never be an API that *told* you what the password was so you could check if it was good enough. Similarly, you’d never have a way of checking that the current screensaver actually *obscured* the screen contents. Given the rumors floating around about next week’s grand revelation event, you might also want to hold off making any decisions until you see what Apple will have to offer. With Health Kit, Home Kit, wearables and payments being bruited, there might turn out to be something secure that would ease the second-login problem. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking security settings?
If I can’t find an officially supported way to do this, then yeah - that’s what I figure I’ll have to do. I was trying to avoid it due to user experience issues; requiring a second login, etc is cumbersome every time somebody wants to record something in the app… Oh well... On Sep 5, 2014, at 8:59 AM, Jens Alfke wrote: > It might be better to make your app itself enforce the HIPAA requirements — > for example, blank the application's windows after a period of no activity, > and require a passcode to un-blank them. That won't involve any sandboxing > issues. > > —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking security settings?
It might be better to make your app itself enforce the HIPAA requirements — for example, blank the application's windows after a period of no activity, and require a passcode to un-blank them. That won't involve any sandboxing issues. —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking security settings?
On Thursday, September 4, 2014, Britt Durbrow < bdurb...@rattlesnakehillsoftworks.com> wrote: > I need to verify that the user has a login password set; and to verify > that they have a screensaver turned on with a password requirement (I’m > trying to make sure that the workstation is HIPAA compliant before > launching my app). I don’t need to actually fetch the password or change > the system settings; just make sure that they exist. Is there an API for > this? (I’d much rather not try to go spelunking around in prefs files > myself… and I’d like to keep my app sandbox friendly as well) I don't know if there's an API, but I can tell you that it is extremely unlikely that it will be sandbox compatible. Unless I am severely mistaken, sand boxing is not designed to let you see details like that because whether or not the user has a password is of no concern to an app in the Mac App Store. You may be able to get what you need through the defaults system, particularly in regards to the screensaver... you will very likely need temporary entitlements though. > > > > ___ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com ) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/sevenbitstech%40gmail.com > > This email sent to sevenbitst...@gmail.com ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Checking security settings?
I need to verify that the user has a login password set; and to verify that they have a screensaver turned on with a password requirement (I’m trying to make sure that the workstation is HIPAA compliant before launching my app). I don’t need to actually fetch the password or change the system settings; just make sure that they exist. Is there an API for this? (I’d much rather not try to go spelunking around in prefs files myself… and I’d like to keep my app sandbox friendly as well) ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com