How safe is it to call Amazon S3 Services with iPhone?

Question

How safe is it to call Amazon S3 Services with iPhone?

I want to make calls to the Amazon S3 rest API through the iPhone app. This means that I will need to write secretAccessKey and accessKey Amazon S3 services in my iPhone application.

If my application enters the AppStore, will it be dangerous for me? Maybe some people will extract my secret key and my key to use it for other purposes? Is there a way to protect my application from this kind of attack?

Thanks!

Martin

+6

security iphone amazon-s3

MartinMoizard Jan 12 '11 at 18:26

source share

1 answer

Larry hipp · Accepted Answer · 2011-01-12T18:52:33+0000

If possible, you should not store your keys in your application.

You can see a lengthy discussion of the topic here: Architectural question and the question of downloading photos from the iPhone and S3 application (check Adrian Petrescu’s answer).

There are a couple of options here. First upload the data to the central server, and then to S3. Your keys remain private on your server. Or you can look at assigning your urls.

How safe is it to call Amazon S3 Services with iPhone?

More articles: