My iOS app has a lock screen which, when enabled, covers the whole of UIScreen
. However, outside of the UIScreen
bounds, I have panes with sensitive information that are no covered by the lock screen. (Those panes can be swiped in and out when the screen is unlocked.)
How safe is it to have information outside of the UIScreen
bounds? Can an attacker use some sort of external display, or a debugger, or some other mechanism to "reveal" what is outside of the UIScreen
screen?
[The lock screen is a WKWebView
which by default has a "magnifying glass" function. I discovered that, when triggered at the edges of the UIScreen
, the magnifying glass shows a few pixels of what is behind the UIScreen
edge. I have since disabled the magnifying glass with this answer.]
Why Should You Lock Your Desktop? If you walk away from your computer and do not lock it or log off, it poses a security risk to you and the college. Someone can use your computer in an unauthorized way even if you are away for a few minutes, such as: Send email from your account.
And this is where privacy screen protectors come in handy. They can reduce the amount of blue light emitted by your device, which decreases the effects of the blue light. You will still get exposed to it, but the effects will be reduced.
Lock your screen when you're away from your desk Taking steps to lock your screen when you leave your desk is a simple thing to do, but will prevent someone else from accessing your computer.
"Hiding" views offscreen is not secure at all. Anyone with a Jailbroken device can hook into your app at runtime using MobileSubstrate and call [[[UIApplication sharedApplication] keyWindow] recursiveDescription]
to dump the view hierarchy. There are also tools such as Reveal and Spark Inspector that provide an interface similar to Xcode's view debugger to view any views currently in the app's UIWindow
.
As zambrey suggested, it would be best to initialize any views with sensitive information as-needed and remove them when they are dismissed and no longer needed by the user, rather than keeping them out of view but still in the window hierarchy. The benefits of this aren't just safety, but having fewer views in memory will improve your app's performance and reduce its memory footprint.
If you are concerned about security, you may want to check for a jailbroken device at runtime and restrict some features for those devices.
Technically anything that is in memory could be exposed on a jailbroken device. Hiding the sensitive views outside what is currently being displayed is not a security measure. Once the device is jailbroken, the views and the content of those views will be exposed. Even if you have a password textfield set as 'secureTextEntry' and even if you hide it, the contents could be read with a debugger attached to the app as long as the textfield is not deallocated. And even when the textfield is deallocated, the memory could be dumped and if that memory has not been overridden yet you could potentially find the contents of that view.
Now, if you are not worried about the Jailbroken scenario, and you only want to find other options where somebody with a non jailbroken device could explore the views, you should probably check the Accessibility features included in iOS. VoiceOver will be able to read out loud text that is hidden if the accessibility in that view is not properly disabled. Removing views from accessibility tools is sometimes tricky because a change on the parent could affect all subviews (read the UIAccessibility documentation)
Setting accessibilityElementsHidden
to YES
in the parent view or isAccessibilityElement
to NO
in the view, should work.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With