The Steps to ensure your iOS Application Security [Part 2]
- Jail Break Detection
Jailbreak detection is a security technique used in iOS applications to identify whether a user’s device has been jailbroken or tampered with. Bypassing the device’s limitations through jailbreaking allows users to add unauthorized programs and change system preferences. Applications that can identify jailbreak status can evaluate possible security risks and take necessary steps to protect sensitive data. Ways to identify jailbreaks include looking for certain files or modifications to the system that often appear on jailbroken devices. Implementing jailbreak detection helps in improving iOS application security and reducing risks associated with compromised device integrity.
Reference:
2. Debugger Detection & Enable Debug Logs
Debugger detection is significant in protecting unauthorised users from analysing and tampering with the application’s code while it is running. Devs may provide their app an extra degree of security by adding debugger detection mechanisms, such as looking for debugger breakpoints or certain debug flags. To avoid unauthorised access or data modification, suitable steps can be performed if a debugger is found, such as stopping the application or turning off specific functionality.
func isDebuggerAttached() -> Bool {
if isSimulator { return false }
var info = kinfo_proc()
var mib : [Int32] = [CTL_KERN, KERN_PROC, KERN_PROC_PID, getpid()]
var size = MemoryLayout<kinfo_proc>.stride
let sysctlResult = sysctl(&mib, u_int(mib.count), &info, &size, nil, 0)
if sysctlResult != 0 {
return false
}
return (info.kp_proc.p_flag & P_TRACED) != 0
}For the purpose of identifying and fixing software bugs and vulnerabilities, debug logs must be allowed while the product is still being developed. However, it’s important to make sure that debug logs are turned off in the application’s production version. Debug logs that are enabled in a live application disclose sensitive data that might be accessed by attackers, such as user passwords or API keys. To avoid accidental information leaking, debug logging statements must be removed or disabled before the application is released to the production environment.
Reference:
· https://developer.apple.com/documentation/os/logging
3. Code Obfuscation
Code obfuscation is a technique for making an application’s source code more complicated and challenging to read and understand, which makes it more challenging for attackers to analyse, reverse engineer, or tamper with the code.
Reference:
· https://github.com/rockbruno/swiftshield
4. Integrity Checks:
Integrity checks are put into place by computing cryptographic hashes (like SHA256) of important application parts like executable binaries or significant data files. These hashes may be safely stored and checked against one another at runtime to make sure they haven’t been altered. If a mismatch is detected, it indicates potential tampering.
func performIntegrityCheck() -> Bool {
// Perform integrity checks for critical components of the application
guard let executablePath = Bundle.main.executablePath else { return false }
let executableData = FileManager.default.contents(atPath: executablePath)
// Calculate the hash of the executable
let calculatedHash = executableData?.sha256()
let data = calculatedHash?.base64EncodedString()
// Compare the calculated hash with the expected hash
let expectedHash = "YOUR HASH"
// Check if the hashes match
let isIntegrityValid = (data == expectedHash)
return isIntegrityValid
}Conclusion:
By implementing the aforementioned steps, you can significantly enhance the security of your application, making it more challenging for penetration testers to identify vulnerabilities or exploit security weaknesses. These steps strengthen the security of your app and protect your application from potential threats. However, it’s important to keep in mind that security is a continual endeavour, and it is recommended to frequently update and evaluate your security measures to remain aware of developing threats.
