Insecure service configuration - App Backup
Need
Secure configuration of application backups
Context
• Usage of Swift for iOS and macOS app development
• Usage of UIKit for building modern and responsive user interfaces
Description
1. Non compliant code
import UIKit
@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {
var window: UIWindow?
// Override point for customization after application launch....The code above represents a typical AppDelegate.swift file in an iOS application written in Swift. The AppDelegate.swift file is the core of your app, and it's where your app's state transitions are handled. The vulnerability lies in the `application(_:shouldSaveApplicationState:)` and `application(_:shouldRestoreApplicationState:)` methods. These methods are part of the iOS State Preservation and Restoration process. When these methods return `true`, it means that the app's state will be saved when it's terminated and restored when it's relaunched. This includes all data in memory at the time of termination. If an attacker gains access to a user's device, they can access the saved state data and potentially extract sensitive information stored by the app. This is particularly dangerous if your app handles sensitive information such as personal data, credit card numbers, etc.
2. Steps
• Disable the backup option for the application.
• Ensure that sensitive data is not stored locally on the device.
• Implement secure data storage mechanisms such as encryption or secure keychain storage.
• Consider using secure cloud storage or server-side storage for sensitive data.
• Regularly review and update the application's security configurations and practices.
3. Secure code example
import UIKit
@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {
var window: UIWindow?
// Override point for customization after application launch....The original code had a vulnerability where the application state was being saved and restored. This could potentially allow an attacker who has access to a user's device to obtain the information stored by the application inside the device. The fixed code disables the backup option for the application by returning `false` in the `shouldSaveApplicationState` and `shouldRestoreApplicationState` methods. This means that the state of the application will not be saved or restored if the application is terminated. In addition to this code fix, it is recommended to ensure that sensitive data is not stored locally on the device and to implement secure data storage mechanisms such as encryption or secure keychain storage. Consider using secure cloud storage or server-side storage for sensitive data. Regularly review and update the application's security configurations and practices to prevent potential vulnerabilities.
References
• 172. Insecure service configuration - App Backup