I am at a lost in understanding the security aspect in using NSCoding given in Chapter 14. The output file is a text file, can this be accessed/edited by the user easily? The output text file seems to contains a lot of symbols. Also, would anyone has a good example (or a Raywenderlich book) in learning how best to encrypt game data (e.g., AES)? For example, in the Pest Control example in Chapter 14, if an in-app purchase is available for users to purchase Bugs Spray or Additional Time, what would be the best method to ensure user do not edit the file? Would using AES be an overkill for this purpose? or the NSCoding in Chapter 14 is sufficient for this purpose?
I absolutely enjoy this book, I am learning a lot, and the examples are excellent. Thank you Raywenderlich team
@pawspile - the only directory that a user has easy access to is the app’s Documents directory. And that’s only if iTunes sharing is on.
I would store in-app purchase information in NSUserDefaults. This plist file is held in the Library/Preferences directory. The Library directory is backed up when the iPhone is backed up.
In olden times, I used to plug my iPhone into my computer and use iExplorer to view the Library directory, but Apple’s shut down even this, and I don’t know of an app that can view the Library folder.
I personally wouldn’t bother with further encryption. That’s not to say that enthusiastic users won’t find some way (jail break etc) to access files (they probably aren’t paying customers anyway), but most users won’t be able to.
On behalf of the team, thank you also for you kind words
Thank you so much Caroline, very clear explanation. I did read up and not entirely sure about the plist format from the security aspect. With your kind guidance, I have done a few testing, it is indeed well hidden. I now have much better idea how best to design my app’s data storage going forward.
I do really appreciate the exceptional detail, clarity and care the team has put into this book. Such a pleasure to read and getting the apps built!