Keep your ios app configuration safe

Question

Keep your ios app configuration safe

I am developing an iOS application. My application needs to save configuration and status data on the local computer. for example, the application runs in Free or Paid mode. If I put this information in a plist file, can it be accessed in iphone jailbreak? If so, where should I keep it in safe mode? (Note: for some special reason, I don’t want to encrypt the data in the plist file). I heard about saving and restoring iOS status, does it help me save data in protected memory?

Update: my application runs on ipad with iOS 4.3 + Thanks

+4

security ios jailbreak

Nguyen Minh Binh Dec 25 '12 at 3:08

source share

2 answers

One idea about placing data in a safe place. If your application has some authentication, you can use this information to encrypt / decrypt some data.

It is not 100% safe. If other processes are in your process memory, copy the data from it, then you will be screwed. However, if some other application simply copies the file, it will be useless (because first they will need to get your authentication information in order to decrypt it).

+1

Victor ronin Jan 9 '13 at 10:03

source share

user529758 · Accepted Answer · 2012-12-25T05:35:58+0000

If I put this information in a plist file, can I access an iPhone with a jailbroken iPhone?

Yes it is possible. Since the jailbroken phone has a fully open file system and a working root user account, users can do just about anything with your application: capture their secret data, hack them, reconstruct, modify using MobileSubstrate, etc. Etc. ( Don’t dare to pop up the warning “I am not running on jailbroken devices!”!)

If so, where should I safely store it?

In short: you cannot.

Here is this keychain thingy , which should be safe, but it is not protected at all on hacked devices. The full contents of the keychain can be easily reset using this simple tool .

Keep your ios app configuration safe

More articles: