Kordant/tasks/ios-production/06-jailbreak-detection.md
2026-05-26 16:06:34 -04:00

06. Jailbreak Detection & Runtime Security

meta:

  • id: ios-production-06
  • feature: ios-production
  • priority: P2
  • depends_on: []
  • tags: [security, hardening, production]

objective:

  • Implement jailbreak detection and runtime security measures to protect the app on compromised devices

deliverables:

  • Jailbreak detection implementation
  • Runtime integrity checks
  • Anti-tampering measures
  • Secure Enclave usage for sensitive operations

steps:

  1. Implement jailbreak detection:
    • Check for common jailbreak files (/Applications/Cydia.app, etc.)
    • Check if app can write outside sandbox
    • Check for suspicious dylibs
    • Use multiple detection methods for robustness
    • Add to APIClient or AppDelegate
  2. Define jailbreak response:
    • Option A: Block app usage with warning
    • Option B: Degrade functionality (no biometric, no payments)
    • Option C: Log and alert backend
    • Recommended: Option B + alert backend
  3. Implement runtime integrity checks:
    • Verify code signature at runtime
    • Detect debugger attachment
    • Detect code injection attempts
    • Verify method swizzling hasn't occurred
  4. Use Secure Enclave:
    • Store encryption keys in Secure Enclave
    • Use biometrics via LocalAuthentication framework
    • Protect keychain items with biometry constraint
  5. Add anti-tampering:
    • Obfuscate sensitive strings (API endpoints, keys)
    • Verify bundle identifier hasn't changed
    • Check for binary modification
  6. Implement backend alerting:
    • Send jailbreak detection event to backend
    • Include device info (non-identifiable)
    • Flag account for additional monitoring
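
Steps 1 and 2 in Swift, as an added example that is not code from the Kordant repository: three detection methods behind injectable probes, plus the recommended Option B response with a backend alert flag. All type names, the second file path, the dylib markers and the probe path are assumptions; only /Applications/Cydia.app comes from the task.

```swift
import Foundation
import MachO

struct JailbreakSignals: OptionSet {   // one bit per method, so the alert can say which fired
    let rawValue: Int
    static let suspiciousFile  = JailbreakSignals(rawValue: 1 << 0)
    static let sandboxEscape   = JailbreakSignals(rawValue: 1 << 1)
    static let suspiciousDylib = JailbreakSignals(rawValue: 1 << 2)
}

// Probes are closures so unit tests can replace them with mock indicators.
struct JailbreakProbes {
    var fileExists: (String) -> Bool = { FileManager.default.fileExists(atPath: $0) }
    var canWrite: (String) -> Bool = { path in
        do { try "x".write(toFile: path, atomically: true, encoding: .utf8) } catch { return false }
        try? FileManager.default.removeItem(atPath: path)   // clean up the probe file
        return true
    }
    var loadedImages: () -> [String] = {
        (0..<_dyld_image_count()).compactMap { i -> String? in
            guard let name = _dyld_get_image_name(i) else { return nil }
            return String(cString: name)
        }
    }
}

struct JailbreakDetector {
    var probes = JailbreakProbes()
    var filePaths = ["/Applications/Cydia.app",                          // from the task
                     "/Library/MobileSubstrate/MobileSubstrate.dylib"]   // illustrative assumption
    var dylibMarkers = ["MobileSubstrate", "SubstrateLoader"]            // illustrative assumptions
    var probePath = "/private/jb_probe.txt"                              // hypothetical path outside the sandbox
    func evaluate() -> JailbreakSignals {
        var found: JailbreakSignals = []
        if filePaths.contains(where: probes.fileExists) { found.insert(.suspiciousFile) }
        if probes.canWrite(probePath) { found.insert(.sandboxEscape) }
        let injected = probes.loadedImages().contains { image in
            dylibMarkers.contains { image.contains($0) }
        }
        if injected { found.insert(.suspiciousDylib) }
        return found
    }
}

struct DegradedPolicy {   // step 2: Option B (degrade) plus backend alert
    let signals: JailbreakSignals
    var biometricsEnabled: Bool { signals.isEmpty }
    var paymentsEnabled: Bool { signals.isEmpty }
    var shouldAlertBackend: Bool { !signals.isEmpty }
}
```

In a unit test, assign mock closures to a `JailbreakProbes` value and pass it as `JailbreakDetector(probes:)`; with all three probes returning negative results, `evaluate()` must return an empty set, which covers the no-false-positives criterion.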

tests:

  • Unit: Test detection logic with mock jailbreak indicators
  • Integration: Test on jailbroken device (if available)
  • Security: Verify debugger detection works

acceptance_criteria:

  • Jailbreak detection active with multiple methods
  • App degrades gracefully on detected jailbreak
  • Backend receives alert when jailbreak detected
  • Secure Enclave used for key storage
  • Debugger attachment detected and handled
  • Runtime integrity checks active
  • Sensitive strings obfuscated in binary
  • No false positives on non-jailbroken devices

validation:

  • Run on normal device → no jailbreak detected, full functionality
  • Run on jailbroken device → degraded mode activated
  • Attach debugger → app detects and responds
  • Check backend logs → jailbreak events received

notes:

  • Jailbreak detection is cat-and-mouse — don't rely on it exclusively
  • Apple may reject apps that block jailbroken devices too aggressively
  • Degradation is safer than blocking (better user experience)
  • Use Swift string obfuscation libraries for sensitive data