Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

xArtx

macrumors 6502a
Original poster
Mar 30, 2012
764
1
Hi Guys,
An App of mine has a database in it's documents directory containing
information that is both read and written to by the program.

If someone jailbreaks their iPhone, and accesses the filesystem, the data
file could be changed by the end user, and in this case, it could make the
app offer different functionality than is intended.

So...

Is is acceptable to xor every byte in the data file against a table of random bytes,
thereby messing it up without calling that encryption?

The only other solution I can think of is checksumming the file, and requiring
a particular checksum value being correct any time the file is changed by
the App as well as an end user fiddling from the outside.

Any thoughts?
 
Last edited:
Is is acceptable to xor every byte in the data file against a table of random bytes,
thereby messing it up without calling that encryption?

That is encryption. It's called a stream cipher. ARC-4 is an example. There are many others.


Exactly what are you trying to defend against? Someone obtaining an in-app-purchased feature by performing an unauthorized change to the database?
 
I'm trying to prevent the database from being changed by an end user outside of the application itself, or replaced entirely.
The database comes with the main bundle, but must be written to the Docs directory
at run time so the App can write to it.

I don't care who sees it, but I don't want it altered with any editor other than the App.
 
NSFileProtectionComplete

Yes, but that is really three words :)

it's a free vector GPS that covers one particular Qld National Park only.
I got permission to use Commonwealth map data today,
although I digitised it some 5 years ago for personal use :D

There was an SES search and rescue on the weekend with at least one chopper deployed,
and it happens at least yearly. That prompted me to contact them.

The map data is MP format which is optimised from there (coordinates written to floats, etc)
at run time. But the stored map data is Human readable ASCII.

What I was going to write back to the map is known points of mobile reception,
especially if there's a way to query the iPhone's cellular receiver without getting in trouble,
but how narrow minded is that? It can be written to a separate file.
This is resolved.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.