Friday, August 19, 2011

iCloud Key-Value is better than a UDID

There is a lot of chatter about Apple depreciating the UDID API and apparently providing no alternative to track a user.  Firstly, lets clear up how insecure and unreliable using the UDID is for identifying a user, which is tied to the device.  The user's device could be

  • lost,
  • stolen,
  • replaced / exchanged,
  • sold or
  • given away.

That UDID is now potentially in the hands of another individual, even if you remote wipe your device.

Beginning with iOS 5, Apple is providing a secure service called iCloud Key-Value storage that will serve as a superior alternative.  iCloud K-V storage offers a limited amount of space in the cloud for a single application or shared between a suite of applications; either scenario is at the app developer's discretion.  If your application requires access to it's own servers for user-specific information, you can store a unique token in their iCloud K-V store to reunite your application with their data, without them ever having to log in again* after the initial handshake.  This applies even when the user replaces their device, as the token is stored in the cloud.

Apparently, Pandora uses the UDID to remember your profile and potentially exposes your playlists if your device falls victim to one of the more dubious fates mentioned above.  Easily solved if you follow a pattern similar to the following sequence diagram:


Naturally, you should take the appropriate measures to secure the conversation between your app and your server.

If you do need to track a specific device, there are ways to programmatically obtain the MAC address.  Not something I would recommend.

* Apple is yet to address a significant caveat regarding the lack of multiple Apple IDs under a single iTunes account.  Your iCloud account is your Apple ID, and that implies all your family members must log in to the same account, providing no way to separate users.

Friday, August 05, 2011

Local (file system) development with Google Chrome

If you use Google Chrome for an advanced local file system development on Mac OS X, no doubt you've been frustrated with issues such as security (same origin).  All is not lost, as I've created an application bundle that allows you to launch Chrome from Finder with the following additional command-line switches:

You can download the archive from here.

If there are other switches you wish to add, many of which are conveniently documented here,

  • RMB and select Show Package Contents and
  • edit the shell script in Google Chrome


Wednesday, August 03, 2011

Transferring Preview app signatures in Lion

Lion introduced a great new feature that allows you to capture your signature via an attached camera and store it in an encrypted form for later use.  Therein lies the problem; you must have an attached camera.

I have a Mac Pro, and wanted to use the signatures I captured on my Macbook Pro.  Following these steps, you can transfer the encrypted signatures over.

On your machine endowed with the power of sight:

  1. Go ahead and capture the signatures in Preview.
  2. Quit Preview
  3. Browse to ~/Library/Containers/
    • In Finder, click the Go menu and hold the option (⌥) key to show the Library folder, alternatively
    • press ⌘+⇧+G whilst Finder is active and enter the path above to directly navigate
  4. Copy the
  5. Launch Keychain Access
  6. Ensure the login keychain is selected and the Passwords category
    Copying Preview signatures password from keychain
  7. Right-click the Preview Signature Privacy password and select Copy Password to Clipboard.  This is the password used to encrypt the signature images.
  8. Paste it into a text editor and save the file.  You'll need to transfer this to your other computer(s)

On your machine you wish to transfer the signatures to:

  1. If you haven't already, launch Preview, open preferences, and select the Signatures tab to ensure the default configuration files and folders have been created.  Exit Preview.
  2. Browse to ~/Library/Containers/
  3. Copy the to the folder, overwriting any existing file
  4. Launch Keychain Access
  5. Locate the Preview Signature Privacy password in the login keychain and double click to edit
    Replace the Preview Signature Password
  6. Click the Show password checkbox and paste the password you copied from your original machine.
  7. Click Save Changes and you're done