Maybe this is an obvious question, but what is the difference, from a security perspective (as opposed to ergonomics or performance), of storing a secret in a file on the file system with protection type FileProtectionType.completeUntilFirstUserAuthentication (the default), as compared to storing it in Keychain with the equivalent protection level, kSecAttrAccessibleAfterFirstUnlock?Or to put it a different way: What security protections does Keychain offer that File Data Protection does not, if they are implemented with the same (parallel) protection class?I've read the iOS Security document, but unfortunately I wasn't sure I understood the precise advantages of Keychain aside from ease of querying, performance optimizations, etc. (which of course are important advantages on their own, to be sure).
Post
Replies
Boosts
Views
Activity
In WWDC 720 ("What's New in Notifications"), the speaker Michele Campeotto talks about how silent notifications (where "content-available:1" is in the payload) are delivered on a "best effort" basis, using a number of factors: "It's going to use different signals from the device and from the user behavior, like power or the time of day to decide when it is a good time to deliver the notification and launch your app." He drew a distinction between this behavior and (non-silent) "user notifications", where, presumably, the push message is generally shown to the user regardless of time of day or battery level. But what is the expected behavior when a push has both an alert message (so is not "silent") but also has "content-available:1" (and so should wake up the app)? In this situation, does the OS use the same discretion in waking the app that it would in a truly silent push? And does the addition of "content-available:1" have an effect on the display rate of the push message itself? We've been sending pushes with both message string and the silent flag, and we suspect that some portion of the apps are receiving the notification in the UI but not being woken up. And we also want to make sure that the presence of the flag is not decreasing the number of apps that get the alert.