{ "id": "63708", "key": "TIMOB-3076", "fields": { "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false }, "project": { "id": "10153", "key": "TIMOB", "name": "Titanium SDK/CLI", "projectCategory": { "id": "10100", "description": "Titanium and related SDKs used in application development", "name": "Client" } }, "fixVersions": [ { "id": "11364", "description": "Mobile 1.8.0 M11", "name": "Sprint 2011-32", "archived": true, "released": true, "releaseDate": "2011-08-15" } ], "resolution": { "id": "1", "description": "A fix for this issue is checked into the tree and tested.", "name": "Fixed" }, "resolutiondate": "2011-09-01T13:09:16.000+0000", "created": "2011-04-15T03:36:12.000+0000", "priority": { "name": "Trivial", "id": "5" }, "labels": [ "encryption", "feature", "ios", "request" ], "versions": [], "issuelinks": [ { "id": "12051", "type": { "id": "10003", "name": "Relates", "inward": "relates to", "outward": "relates to" }, "inwardIssue": { "id": "78532", "key": "TIMOB-4840", "fields": { "summary": "Add an API to enable/disable file encryption.", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Trivial", "id": "5" }, "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false } } } } ], "assignee": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "updated": "2011-12-13T09:51:10.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "10206", "name": "iOS", "description": "iOS Platform" } ], "description": "{html}

A HD ticket is asking to implement the encryption recommended by\r\nApple to protect sensitive data.
\r\nThis is described in the following \r\nApple Programming Guide page 15 and 53.

\r\n

Helpdesk ticket:
\r\nhttp://developer.appcelerator.com/helpdesk/view/71581

{html}", "attachment": [], "flagged": false, "summary": "iOS - File encryption feature request", "creator": { "name": "penrique", "key": "penrique", "displayName": "Pedro Enrique", "active": false, "timeZone": "America/Los_Angeles" }, "subtasks": [], "reporter": { "name": "penrique", "key": "penrique", "displayName": "Pedro Enrique", "active": false, "timeZone": "America/Los_Angeles" }, "environment": null, "comment": { "comments": [ { "id": "129998", "author": { "name": "kevin(wa)", "key": "kevin(wa)", "displayName": "Kevin (WA)", "active": true, "timeZone": "America/Los_Angeles" }, "body": "{html}

Any updates / ETA on this? Have a client who is very insistent\non having their app data encrypted. Hopefully it's not too much\nwork to implement?

{html}", "updateAuthor": { "name": "kevin(wa)", "key": "kevin(wa)", "displayName": "Kevin (WA)", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-04-15T03:36:12.000+0000", "updated": "2011-04-15T03:36:12.000+0000" }, { "id": "129999", "author": { "name": "erik", "key": "erik", "displayName": "Erik", "active": true, "timeZone": "America/Los_Angeles" }, "body": "{html}

I would be interested in this as well. Any info?

{html}", "updateAuthor": { "name": "erik", "key": "erik", "displayName": "Erik", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-04-15T03:36:13.000+0000", "updated": "2011-04-15T03:36:13.000+0000" }, { "id": "159890", "author": { "name": "penrique", "key": "penrique", "displayName": "Pedro Enrique", "active": false, "timeZone": "America/Los_Angeles" }, "body": "Another customer is asking for this feature. The feature request is specifically File Protection found on page 15 of the PDF in the link above. Possible, would be nice to also have the Keychain Data, also found in that page from the PDF", "updateAuthor": { "name": "penrique", "key": "penrique", "displayName": "Pedro Enrique", "active": false, "timeZone": "America/Los_Angeles" }, "created": "2011-07-18T17:42:58.000+0000", "updated": "2011-07-18T17:42:58.000+0000" }, { "id": "160329", "author": { "name": "jalter", "key": "jalter", "displayName": "Jon Alter", "active": true, "timeZone": "America/Los_Angeles" }, "body": "h3. Associated Helpdesk Ticket\r\nhttp://appc.me/c/APP-134761", "updateAuthor": { "name": "jalter", "key": "jalter", "displayName": "Jon Alter", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-07-22T09:55:36.000+0000", "updated": "2011-07-22T09:55:36.000+0000" }, { "id": "161209", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Time spent reviewing.\n\nSolves the customer issue. However, see TIMOB-4840, companion bug which details other fixes necessary for our API.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-07-29T15:22:36.000+0000", "updated": "2011-07-29T15:22:36.000+0000" }, { "id": "161963", "author": { "name": "kclark", "key": "kclark", "displayName": "Kincy Clark", "active": true, "timeZone": "America/Los_Angeles" }, "body": "More info: when the iOS passcode lock enabled, that it only encrypts data for the built-in apps like Mail, etc. but not 3rd party apps.\r\n\r\nSpecifically, I'm referring to the iOS \"Data Protection APIs\" as mentioned here: https://developer.apple.com/library/ios/documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/iPhoneAppProgrammingGuide.pdf\r\n\r\nPages 15, 53", "updateAuthor": { "name": "kclark", "key": "kclark", "displayName": "Kincy Clark", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-08-04T17:34:39.000+0000", "updated": "2011-08-04T17:34:39.000+0000" }, { "id": "162013", "author": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Reopening this issue to provide QE with additional test plans that will show that encryption is taking place. Previous tests only proved that existing file i/o continued to work.", "updateAuthor": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-08-05T10:14:21.000+0000", "updated": "2011-08-05T10:14:21.000+0000" }, { "id": "162588", "author": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Testing;\r\n\r\nThe way this works is according to the Apple documentation. \r\n\r\nProtected files are stored on disk in an encrypted format at all times. While the user’s device is locked, not even the owning application can access the data in the encrypted files. The user must explicitly unlock the device (by entering the appropriate passcode) before the application can retrieve the decrypted data from the files.\r\n\r\nThe user’s device must have the passcode lock setting enabled and a valid passcode set.\r\n\r\nCurrently, all data files written using our File APIs are protected.\r\n\r\nEssentially what this means is that when you try to use Xcode's Organizer or the iPhone Configuration Utility to copy the application's data off the device when the device is locked with a passcode, it should fail. Once the passcode is entered, the data can be copied off just fine. Once the data is copied off in this manner, it will not be encrypted, and this is the expected behavior.\r\n", "updateAuthor": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-08-11T10:29:57.000+0000", "updated": "2011-08-11T10:29:57.000+0000" }, { "id": "164826", "author": { "name": "nhuynh", "key": "nhuynh", "displayName": "Natalie Huynh", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Tested with iphone 4.3.3 and iPad 4.3 with \nversion=1.8.0\ntimestamp=08/28/11 13:14\ngithash=9c8f107...", "updateAuthor": { "name": "nhuynh", "key": "nhuynh", "displayName": "Natalie Huynh", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-09-01T13:09:16.000+0000", "updated": "2011-09-01T13:09:16.000+0000" }, { "id": "175934", "author": { "name": "a.marcone", "key": "a.marcone", "displayName": "Alberto Marcone", "active": true, "timeZone": "Europe/Berlin" }, "body": "I'm not sure what I'm doing wrong, but the files I write are not encrypted. \r\nIf I lock the iPad and break into it through SSH, I can still read the said protected files (simple PDFs in the applicationDirectory).\r\n", "updateAuthor": { "name": "a.marcone", "key": "a.marcone", "displayName": "Alberto Marcone", "active": true, "timeZone": "Europe/Berlin" }, "created": "2011-12-13T08:48:52.000+0000", "updated": "2011-12-13T08:48:52.000+0000" }, { "id": "175939", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Alberto -\r\n\r\nPlease read the following document, page 94 (Protecting Data Using On-Disk Encryption)\r\n\r\nhttps://developer.apple.com/library/ios/documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/iPhoneAppProgrammingGuide.pdf\r\n\r\nThere are some preconditions for being able to enable secure locking. If files remain unencrypted with these preconditions met, and the correct properties set in Titanium, please report this to us with instructions on how to reproduce the issue on a device which is *not* jailbroken.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-12-13T09:32:41.000+0000", "updated": "2011-12-13T09:32:41.000+0000" }, { "id": "175940", "author": { "name": "a.marcone", "key": "a.marcone", "displayName": "Alberto Marcone", "active": true, "timeZone": "Europe/Berlin" }, "body": "The precondictions are satisfied (iOS 4/5 and passcode lock activated).\r\n\r\nI'm trying to reproduce a scenario where my customers lose their devices and someone tries to gain access to their confidential documents. In that case the first step would be to jailbreak them. And if I browse the filesystem like I said before with ssh the files are totally readable.\r\n\r\nSo, when would this kind of encryption be useful otherwise?", "updateAuthor": { "name": "a.marcone", "key": "a.marcone", "displayName": "Alberto Marcone", "active": true, "timeZone": "Europe/Berlin" }, "created": "2011-12-13T09:42:33.000+0000", "updated": "2011-12-13T09:42:33.000+0000" }, { "id": "175943", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "You'll also note that the document mentions hardware preconditions; we need to know what hardware you're testing on as well, and whether or not it was reformatted/erased/backed up before attempting this test. That could make a determining factor.\r\n\r\nInternally, we cannot officially test any fixes against jailbroken devices due to them being an unsupported platform with unpredictable behavior.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-12-13T09:51:10.000+0000", "updated": "2011-12-13T09:51:10.000+0000" } ], "maxResults": 13, "total": 13, "startAt": 0 } } }