I have a static scanner telling me that I need to change all occurences of String where I store sensitive data, because it is immutable and I should instead use a character Array and zero it out afterwards.
I checked this forum and noticed to similar topics. My question is:
- Should I avoid using SWIFT String for handling sensitive data, if there are not dependencies on the usage of String itself. Furthermore I understand that zeroing out a char array is not a 100% fix against memory scrubs, but it will make it more difficult.
- If I was not using SWIFT but OBJECTIVE-C how should I go and fix the same issue ?
You can find my thoughts on this subject here.
Let’s look at your specific questions:
Should I avoid using SWIFT String for handling sensitive data
No. Changing language or techniques won’t solve this problem. I explain why in the thread I referenced above.
If I was not using SWIFT but OBJECTIVE-C how should I go and fix the same issue ?
Your language choice doesn’t matter here, because the critical problem is not your code but how your code interacts with the system.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"