Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

iPhone keyboard security,

Tags:

security

iphone

I would like to disable auto text capture by OS, if you type in UITextField/UITextView OS capture this text ( If not found in it's dictionary ) in your application, it will be stored as plain text in dynamic-text.dat file in /root/Library/Keyboard

Now if you open and read this file, you can easily read what you typed in your application.

My requirement is, how can i disable this feature so that within my application, OS does not capture typed in text into this file?

You can check this out even on iPhone Simualtor

like image 378
iamMobile Avatar asked Nov 21 '25 08:11

iamMobile

2 Answers

In the simulator, if I had a UITextField set to Secure (with autocomplete set to off though that should be the default) I never saw any text I typed there in the ~/Library/Application Support/iPhone Simulator/User/Library/Keyboard/dynamic-text.dat, though a UITextField set to autocomplete did have text end up in there.

If I turned off autocorrection on the field that was capturing before, I saw no more entries that I typed show up in that file.

I tried this both on the simulator, and also on the device - on the device I ran my same test application with a secure and unsecured text field (where I alternately turned on and off autocorrection), and then used SpyPhone to examine the keyboard cache. Again in all cases where the text field was marked as secure or had autocorrection turned off, I did not see anything I typed show up in the keyboard cache where I did if I typed it into a text field with auto-correction enabled - just to be clear even explicitly turning on autocorrection in an IB defined text field did not record anything if the field was also marked as secure (and I'm also not sure it tried to autocorrect).

Now I did note, that if I tried a UITextView instead of a UITextField, in that case even turning off autocorrection did not stop the text from being recorded. That seems like an oversight rather than a design choice. A workaround would be to use a UITextField, but that's not always possible... I'd file a Radar on that with Apple.

I can also verify that no common passwords I use (in Safari or applications) showed up in SpyPhone, so they are not in the cache. But pretty much any app collecting passwords uses a UITextField to do so.

like image 190
Kendall Helmstetter Gelner Avatar answered Nov 23 '25 21:11

Kendall Helmstetter Gelner

I don't know much about iPhone programming but... if you can disable the autocorrection, that would surely keep it from going into the user words database.

like image 24
Nicolás Avatar answered Nov 23 '25 22:11

Nicolás
Sign in to Comment

Related questions

handle touchesBegan method for UITextField in UIScrollView
UITabBar images visible on simulator, disappear on the device
Overriding drawRect: and pushing new offset CGContexts onto the stack

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!