I thought there were both local and iCloud Notes, no? Sandor
> On Jun 28, 2017, at 09:14, Jean-Daniel <mail...@xenonium.com> wrote: > > >> Le 27 juin 2017 à 04:25, Sandor Szatmari <admin.szatmari....@gmail.com> a >> écrit : >> >> This is an interesting thread. The OP's original question made me think of >> the functionality Apple recently (how recently I'm not sure) added to the >> iOS Notes app. It allows you to selectively 'encrypt' (password protect) a >> note. This functionality allows you to pass your phone to someone to let >> them read a note and not worry about them skipping to your note with all >> your 'secret info'. Also, if someone got your phone in an unlocked state, >> (it could happen I guess) they couldn't trust a Mac and browse to plain text >> files. > > Notes are sync with iCloud and can be read on a Mac where this is far more > common to share a session. > >> I must say at this point I whole heartedly agree with all the warnings for >> implementing encryption schemes. But is there not also a valid use case >> here? Unless I'm misunderstanding things, Apple seemed to think so. >> >> Sandor >> >>>> On Jun 26, 2017, at 13:59, Jens Alfke <j...@mooseyard.com> wrote: >>>> >>>> >>>> On Jun 26, 2017, at 9:50 AM, Alex Zavatone <z...@mac.com> wrote: >>>> >>>> You can use the iExplore app to look in the Documents folder of any device >>>> you attach to your Mac. >>> >>> But you can only attach a device to your Mac if the device is unlocked, >>> since you have to OK the “Do you trust this computer?” alert. >>> As recent court cases have shown, unlocking an iOS device against the >>> owner’s will is nearly impossible. >>> >>>> Also, data protection SUCKS because it locks the files if the app goes in >>>> to the background, basically suspending any file based background >>>> operations like sql db updates. >>> >>> It does this by default, but you can alter those settings if you need >>> background access to certain files, basically trading some security for >>> greater access. >>> >>>> Thanks to the help of Chris Thorman, I was able to update an AES256 hmac >>>> method to work with UTF-8 char sets. We use this for data security over >>>> http. >>> >>> It’s much easier to just enable SSL/TLS on the HTTP server. (Though I >>> realize there are cases where you don’t have control over the server, or >>> circumstances prevent deploying HTTPS.) >>> >>>> Now, it might be overkill or just bad design, but we use a CoreData db >>>> with transformable property and encrypt the data stored. >>> >>> How do you store the encryption key? That’s often the downfall; even if you >>> put it in the Keychain, it can be accessed by an attacker if your app’s >>> files are accessible (unless you add TouchID authentication to it.) >>> >>> (Also, I hope you’re using a different IV for each record you encrypt. >>> Sorry to be a broken record about this, but it’s important.) >>> >>> —Jens >>> _______________________________________________ >>> >>> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) >>> >>> Please do not post admin requests or moderator comments to the list. >>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com >>> >>> Help/Unsubscribe/Update your Subscription: >>> https://lists.apple.com/mailman/options/cocoa-dev/admin.szatmari.net%40gmail.com >>> >>> This email sent to admin.szatmari....@gmail.com >> _______________________________________________ >> >> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) >> >> Please do not post admin requests or moderator comments to the list. >> Contact the moderators at cocoa-dev-admins(at)lists.apple.com >> >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/mailman/options/cocoa-dev/mailing%40xenonium.com >> >> This email sent to mail...@xenonium.com > _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
