iOS – Remote wipe of application data in iOS

Tags: ios, ios4, ipad, iphone

I am working on an enterprise application where the client has the requirement of wiping all the data stored by the application from the device remotely, that is, in the case when a user reports a lost device.

If we forget about the service-side implementation of it, is it even possible to do a remote wipe of data stored in the application sandbox? What about deleting files present in the application resources, like SQLite files and certificates?

I was browsing the net for it and came across this site, which claims to do so in their product.

If it can be done, how should we approach this problem?

A remote wipe feature has been added by Apple from iOS 4.2 onwards using MobileMe. I don't think they are doing this through remote notifications. In that case there wouldn't be any sure-shot guarantee that the data is deleted from the device.

Best Answer

The best way would be to encrypt the data on the iPhone's disk and only decrypt it in memory (since iOS 4 there is a similar mechanism built in). Before you let the user use the data, you ask a server if the iPhone is allowed to encrypt the data (an even better approach would be that the server gives the iPhone the key to decrypt the data, so an attacker won't find it in code). If the server denies the request, the app wipes all the stored data and you are done.

This of course only works when your app is allowed to require an Internet connection (or at least a connection to the local intranet where it can communicate with the server).
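
A sketch of the flow this answer describes, as an added example that is not code from the original post: data is stored only as AES-GCM ciphertext, the key is handed out by the server at unlock time and kept in memory, and a denial triggers the wipe. `KeyServer`, `KeyDecision`, `UnlockResult` and `SecureStore` are hypothetical names, the network transport is left behind the protocol, and treating an unreachable server as "stay locked" is an assumption.

```swift
import CryptoKit
import Foundation

// Hypothetical server verdicts; transport and device authentication are out of scope.
enum KeyDecision {
    case granted(SymmetricKey)   // device in good standing: server releases the key
    case denied                  // device reported lost: wipe local data
    case unreachable             // no network: neither decrypt nor wipe
}

protocol KeyServer {
    func requestKey(deviceID: String) -> KeyDecision
}

enum UnlockResult { case unlocked, wiped, locked }

final class SecureStore {
    private let directory: URL
    private var key: SymmetricKey?   // held in memory only, never written to disk

    init(directory: URL) throws {
        self.directory = directory
        try FileManager.default.createDirectory(at: directory, withIntermediateDirectories: true)
    }

    // Call at launch and on every return to foreground, before any data is shown.
    func unlock(deviceID: String, server: KeyServer) -> UnlockResult {
        switch server.requestKey(deviceID: deviceID) {
        case .granted(let k): key = k; return .unlocked
        case .denied:         wipe(); return .wiped
        case .unreachable:    key = nil; return .locked
        }
    }

    func save(_ plaintext: Data, as name: String) throws {
        guard let key = key else { throw CocoaError(.fileWriteNoPermission) }
        // AES-GCM with a random nonce; `combined` is nonce + ciphertext + tag.
        guard let blob = try AES.GCM.seal(plaintext, using: key).combined else { throw CocoaError(.fileWriteUnknown) }
        try blob.write(to: directory.appendingPathComponent(name), options: .atomic)
    }

    func load(_ name: String) throws -> Data {
        guard let key = key else { throw CocoaError(.fileReadNoPermission) }
        let blob = try Data(contentsOf: directory.appendingPathComponent(name))
        return try AES.GCM.open(AES.GCM.SealedBox(combined: blob), using: key)
    }

    private func wipe() {
        key = nil
        try? FileManager.default.removeItem(at: directory)
    }
}
```

Because the key never touches the disk, a device that stays offline holds only ciphertext; the file deletion on denial is cleanup on top of that, not the sole protection.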