Encrypted data/image store?
3 views
Skip to first unread message
Eric Shapiro
Sep 19, 2014, 12:32:37 AM9/19/14
to a2-cocoaheads
We have an application where we need to encrypt a database file that stores both data and up to a few hundred small images. Any suggestions on file format?
We're thinking encrypted sqlite files are probably the best choice.
Thoughts or suggestions? Which sqlite encryption libraries to use?
1. The images must be encrypted too - not just the metadata
2. iOS and Android, preferably Obj-C and Java APIs
3. Sharing APIs and file formats between the platforms nice but not necessary
Thanks,
Eric
------------------------------------------------
Eric Shapiro sha...@relium.com
------------------------------------------------
We're thinking encrypted sqlite files are probably the best choice.
Thoughts or suggestions? Which sqlite encryption libraries to use?
1. The images must be encrypted too - not just the metadata
2. iOS and Android, preferably Obj-C and Java APIs
3. Sharing APIs and file formats between the platforms nice but not necessary
Thanks,
Eric
------------------------------------------------
Eric Shapiro sha...@relium.com
------------------------------------------------
Daniel Hibbitts
Sep 19, 2014, 10:38:00 AM9/19/14
to a2-coc...@googlegroups.com
We are looking at -
https://www.zetetic.net/sqlcipher/
though storing files in a database makes me feel dirty.
-dh
> --
> You received this message because you are subscribed to the Google Groups "CocoaHeads Ann Arbor" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to a2-cocoahead...@googlegroups.com.
> To post to this group, send email to a2-coc...@googlegroups.com.
> Visit this group at http://groups.google.com/group/a2-cocoaheads.
> For more options, visit https://groups.google.com/d/optout.
https://www.zetetic.net/sqlcipher/
though storing files in a database makes me feel dirty.
-dh
> You received this message because you are subscribed to the Google Groups "CocoaHeads Ann Arbor" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to a2-cocoahead...@googlegroups.com.
> To post to this group, send email to a2-coc...@googlegroups.com.
> Visit this group at http://groups.google.com/group/a2-cocoaheads.
> For more options, visit https://groups.google.com/d/optout.
Priya Rajagopal
Sep 19, 2014, 11:27:46 AM9/19/14
to a2-coc...@googlegroups.com
I agree w/ Dan about storing files in DB ( although SQLite is often used for large data blobs). Apple recommends storing them elsewhere and holding references to those
"It is better, however, if you are able to store BLOBs as resources on the filesystem, and to maintain links (such as URLs or paths) to those resources. You can then load a BLOB as and when necessary"
Sent from my iPhone
"It is better, however, if you are able to store BLOBs as resources on the filesystem, and to maintain links (such as URLs or paths) to those resources. You can then load a BLOB as and when necessary"
Sent from my iPhone
Daniel Hibbitts
Sep 22, 2014, 3:23:16 PM9/22/14
to a2-coc...@googlegroups.com
There is a lot of information available regarding app security and dealing with the image that is saved when an iOS app goes into the background. My question is does Safari on iOS do the same thing and does a screen shot get saved onto the device when Safari goes into the background? And does anyone have any links to information on this? In summary I'm looking for information on how a website could protect against a screen shot with sensitive data getting stored on the device.
-Dan Hibbitts
-Dan Hibbitts
Eric Shapiro
Sep 22, 2014, 3:37:29 PM9/22/14
to a2-cocoaheads
On Sep 22, 2014, at 3:23 PM, Daniel Hibbitts <dhib...@gmail.com> wrote:
> In summary I'm looking for information on how a website could protect against a screen shot with sensitive data getting stored on the device.
I don't *think* it can, but I am not an expert on WebKit. Even iOS apps can't prevent it:
> In summary I'm looking for information on how a website could protect against a screen shot with sensitive data getting stored on the device.
<http://stackoverflow.com/questions/13484516/ios-detection-of-screenshot>
-Eric
Mark Smith
Sep 22, 2014, 5:06:55 PM9/22/14
to a2-coc...@googlegroups.com
On 9/22/14 3:37 PM, Eric Shapiro wrote:
> On Sep 22, 2014, at 3:23 PM, Daniel Hibbitts <dhib...@gmail.com> wrote:
>
>> In summary I'm looking for information on how a website could
>> protect
against a screen shot with sensitive data getting stored on the device.
>
> I don't *think* it can, but I am not an expert on WebKit. Even iOS apps can't prevent it:
>
> <http://stackoverflow.com/questions/13484516/ios-detection-of-screenshot>
An interesting problem.
> On Sep 22, 2014, at 3:23 PM, Daniel Hibbitts <dhib...@gmail.com> wrote:
>
>> In summary I'm looking for information on how a website could
>> protect
against a screen shot with sensitive data getting stored on the device.
>
> I don't *think* it can, but I am not an expert on WebKit. Even iOS apps can't prevent it:
>
> <http://stackoverflow.com/questions/13484516/ios-detection-of-screenshot>
If you are writing an app and just want to prevent the automatic iOS
snapshotting that could lead to accidental storage of sensitive data,
this SO question might help:
http://stackoverflow.com/questions/6235112/preventing-snapshot-view-of-your-app-when-coming-back-from-multi-tasking
But I think Eric is right that you probably cannot block someone who
intentionally takes a screenshot. Even if you could, they could use
another device to take a photo of their iOS device's screen anyway.
--
Mark Smith
Pearl Crescent, LLC
http://pearlcrescent.com/
Shawn Platkus
Sep 22, 2014, 5:12:28 PM9/22/14
to a2-coc...@googlegroups.com
One thing I noticed that the Chase Bank iOS app does that is related to what you’re asking is that when the user presses the home button (or presumably any other action that would put it into the background) it changes the view to a solid blue screen with the white Chase logo on it. Thus when browsing through the application switcher, sensitive data is not shown in the snap shots of the running apps.
-Shawn
-Shawn
Chris Adamson
Sep 22, 2014, 5:30:05 PM9/22/14
to a2-coc...@googlegroups.com
iCab does the same thing in private browsing mode - it runs a blur filter on its contents, so that's what you see when you look through the app switcher. It's only cosmetic, though, as the full contents come right up when you switch back to iCab.
Sent from my iPad
Sent from my iPad
Daniel Hibbitts
Sep 22, 2014, 6:17:33 PM9/22/14
to a2-coc...@googlegroups.com
Yeah, for the native app we are covered, it's Safari that is the possible problem child. Another group is doing a mirror of the app I'm working on as a Responsive HTML5 website and I wanted to know what issues they could face. For the app we are blanking the fields and putting up an image with the splash screen image. As for cameras the same goes for photocopies of paper, that's beyond anyone's control. My concern is with artifacts on the device that are left around long after the app exits.
Priya Rajagopal
Sep 23, 2014, 9:10:38 AM9/23/14
to a2-coc...@googlegroups.com
Hi
Anyone have experience using payment gateways ( something like Braintree). Any recommendations or options to avoid ? We are looking for something that can ideally be used across mobile / non mobile - SDK to integrate it on various platforms.
Regards
Priya
Anyone have experience using payment gateways ( something like Braintree). Any recommendations or options to avoid ? We are looking for something that can ideally be used across mobile / non mobile - SDK to integrate it on various platforms.
Regards
Priya
Reply all
Reply to author
Forward
0 new messages