iOS 钥匙串是否在没有设备密码的情况下加密?
Is the iOS keychain encrypted without device passcode?
到目前为止,我认为 iOS 钥匙串是存储用户名和密码的最佳方式。但是,我发现 this site 指出:
"without a passcode, all data on the device — including sensitive data stored in the Keychain — can be read by anyone with momentary access to the device"
我已经阅读了有关 iOS security 的 apples 文档中的相关部分,但没有任何明确说明?
这个说法是真的还是我误解了什么?
The keychain is implemented as a SQLite database stored on the file
system. There is only one database; the securityd daemon
determines
which keychain items each process or app can access. Keychain access
APIs result in calls to the daemon, which queries the app’s
“keychain-access-groups,” “application-identifier,” and
“applicationgroup” entitlements. Rather than limiting access to a
single process, access groups allow keychain items to be shared
between apps.
这意味着即使没有 Passcode
,黑客也无法访问您的钥匙串数据。
它在 Apple 的 the securityd daemon
的控制之下。
如果没有 the securityd daemon
.
,您将无法访问钥匙串的数据
Update:
Maybe that's what u want to know: Hacker vs Keychain
到目前为止,我认为 iOS 钥匙串是存储用户名和密码的最佳方式。但是,我发现 this site 指出:
"without a passcode, all data on the device — including sensitive data stored in the Keychain — can be read by anyone with momentary access to the device"
我已经阅读了有关 iOS security 的 apples 文档中的相关部分,但没有任何明确说明?
这个说法是真的还是我误解了什么?
The keychain is implemented as a SQLite database stored on the file system. There is only one database;
the securityd daemon
determines which keychain items each process or app can access. Keychain access APIs result in calls to the daemon, which queries the app’s “keychain-access-groups,” “application-identifier,” and “applicationgroup” entitlements. Rather than limiting access to a single process, access groups allow keychain items to be shared between apps.
这意味着即使没有 Passcode
,黑客也无法访问您的钥匙串数据。
它在 Apple 的 the securityd daemon
的控制之下。
如果没有 the securityd daemon
.
Update:
Maybe that's what u want to know: Hacker vs Keychain