Resolved Hiding App Data

Discussion in 'iOS Programming' started by xArtx, Feb 4, 2013.

  1. xArtx, Feb 4, 2013
    Last edited: Feb 5, 2013

    xArtx macrumors 6502a

    Mar 30, 2012
    Hi Guys,
    An App of mine has a database in it's documents directory containing
    information that is both read and written to by the program.

    If someone jailbreaks their iPhone, and accesses the filesystem, the data
    file could be changed by the end user, and in this case, it could make the
    app offer different functionality than is intended.


    Is is acceptable to xor every byte in the data file against a table of random bytes,
    thereby messing it up without calling that encryption?

    The only other solution I can think of is checksumming the file, and requiring
    a particular checksum value being correct any time the file is changed by
    the App as well as an end user fiddling from the outside.

    Any thoughts?
  2. chown33 macrumors 604

    Aug 9, 2009
    Sailing beyond the sunset
    That is encryption. It's called a stream cipher. ARC-4 is an example. There are many others.

    Exactly what are you trying to defend against? Someone obtaining an in-app-purchased feature by performing an unauthorized change to the database?
  3. xArtx thread starter macrumors 6502a

    Mar 30, 2012
    I'm trying to prevent the database from being changed by an end user outside of the application itself, or replaced entirely.
    The database comes with the main bundle, but must be written to the Docs directory
    at run time so the App can write to it.

    I don't care who sees it, but I don't want it altered with any editor other than the App.
  4. MattInOz macrumors 68030


    Jan 19, 2006
  5. xArtx, Feb 5, 2013
    Last edited: Feb 5, 2013

    xArtx thread starter macrumors 6502a

    Mar 30, 2012
    Yes, but that is really three words :)

    it's a free vector GPS that covers one particular Qld National Park only.
    I got permission to use Commonwealth map data today,
    although I digitised it some 5 years ago for personal use :D

    There was an SES search and rescue on the weekend with at least one chopper deployed,
    and it happens at least yearly. That prompted me to contact them.

    The map data is MP format which is optimised from there (coordinates written to floats, etc)
    at run time. But the stored map data is Human readable ASCII.

    What I was going to write back to the map is known points of mobile reception,
    especially if there's a way to query the iPhone's cellular receiver without getting in trouble,
    but how narrow minded is that? It can be written to a separate file.
    This is resolved.

Share This Page