开发者

Secure dealloc of an ObjC object on an iOS device

What happens to an object when it's dealloced? Is all the memory nulled out, or do traces still remain?

If I understand it correctly, an app's memory is saved to flash storage if it resigns active. Assume a resourceful hacker that is able to read out this memory. Will he theoretically sometimes be able to read out the contents o开发者_StackOverflowf a dealloced NSString if that memory hasn't been overwritten with something?


Don't store secure data in Objective C data types. They are opaque data types, and could be making and/or leaving lots of copies of your data in memory every time you try to even clear some portion.

Added: The same appears to be true about Swift data types, including structs, arrays and strings. They are opaque, thus who knows how many copies of data might be left around in DRAM.

Use non-opaque plain C data types (array of chars, etc.), which you can bzero as soon as you are finished using them, and whenever the app resigns being active. You could also obfuscate the array elements to make string searching through memory dumps a little more difficult.


Even with a jailbroken iDevice, that would be unlikely, as the location for the memory is probably so deep. If you are really concerned about that, here is a solution, if you are not worried about overhead of NSMutableString (dealloc of your class):

-(void) dealloc
{
    for (int i = 0; i < [myString length]; i++)
    {
          [myString replaceCharactersInRange:NSMakeRange(i, 1) withString:@"*"];
    }
    [myString release]; // or dealloc
    // clean up rest
    [super dealloc]; // dont forget this :)
}


So you also raised the issue about writing off to Flash. If your app goes into background, it will not necessarily release the objects - and give you the opportunity to erase them (as discussed in the other answer).

IF you're really concerned about this - I'd disable Fast App Switching on your app to make sure this never happens, in addition to implementing some sort of object over-erase code on dealloc, as discussed above.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜