I’m thrilled to introduce a new iPhone application, My Secrets. It’s a personal organizer using the standard 256-bit AES encryption for data protection.I have been toying with the idea since iPhone SDK was announced. Occasionally I would throw an Xcode project together to test something, and let it sleep. I avoided making sketches or mock-ups because they tend to bend my thoughts towards static images. A quick hack, on the other hand, provides immediate physical feedback. It either works or not, making it easy to discard ideas, and sometimes even suggests good alternatives.

I started working on the application itself about two months ago, when its general structure was clear enough. By that time it also became evident that I was not going to create a blockbuster product in 100 thousand lines of code. Instead, I decided to make a scalable framework, an application I could grow in many ways, a program for myself. So the actual work began with cutting features left and right. Some of them could wait because their design wasn’t obviously good, others had to wait because the SDK was missing a thing or two. After all, I could wait for myself to implement certain features because I did not need them right now.

It’s Hard to be Simple

This is not a paradox, this is a fact of life. A compromise between ease of use and functionality is probably the most difficult and undervalued aspect of software development. Anything more sophisticated than a hello-world program requires user interaction, which can quickly turn into a tangle of menus and buttons as more features are added. 

I always wanted My Secrets to be a simple, yet powerful, application. Its primary interface is fairly minimal and self-explanatory. The main organizational unit of My Secrets is a folder, behaving like a traditional file system directory. You can put anything into a folder and name it as you like, it does not care what items it contains and what names they have (yes, you can put identically labeled items into a folder and nothing will get replaced). All it does is tell you the number of items and preserve their order. Of course, you can also use folders as categories of items if you prefer to keep similar things in one place.

Since I wanted to give maximum freedom of organization, I had to provide a means to move anything anywhere in the existing folder hierarchy, but without increasing the number of onscreen controls. The solution was to override the select-to-view action in the folder editing mode. In other words, normally, when you tap an item, you open it to view its content. If, on the other hand, you first press the Edit button to edit the folder content, tapping an item invokes a “Move To” list where you select the destination folder. The list contains all your folders presented in their hierarchy, so moving an object anywhere is often two taps away. This actually solves several problems at once:

• first, moving items around is a relatively infrequent action, compared to viewing, editing and adding;
• second, people tend to move items in batches, say, after creating a new folder;
• third, drag-and-drop like in a file browser does not work well for the iPhone;
• and, last but not least, moving an item a level up is very tricky without a special button.

Preserving user-defined item order was also a conscious choice. Most people get used to quickly find things where they left them (is it called spatial memory?). Arranging objects by modification date makes sense mostly with frequent changes, while the supposed usage pattern for My Secrets is to view often, edit rarely.

As Black As Midnight

Somewhere in a thought process I decided the UI would be black, period. Maybe, I overdosed on Nick Cave or Alien Pat. Holman, maybe days in November are too short. Anyway, I knew pink wouldn’t cut it. This was the first thing I refused to compromise on. And though it turned out to be a real programming challenge, I like the result.

Not only does it provide a (more or less) distinctive look and feel, its low brightness should also attract fewer curious eyes from behind your shoulder. 

Security Options

This is admittedly the most convoluted part of My Secrets, which I’m still laboring to explain in a few short sentences for the in-application help. Since the options deserve a comment, I’ll try to give it here.

Many people don’t set the passcode lock for some reason. I never use it myself because it annoys me when I need a quick access to some information and because I know it does not protect any sensitive data anyway. If a hacker gains physical access to your iPhone, the passcode lock will not present a problem until Apple implements a sort of total encryption of user data.

Now, suppose the following unlucky scenario. You lose your unlocked iPhone and somebody finds it. The first thing the person does, regardless of honesty, is look inside. If you have created a wallpaper with your business card on it, good. Otherwise, it’s non-trivial to identify the owner (the easiest way is to check e-mail accounts in Settings). If your device is in the hands of a less principled person, your notes are going to be examined and your applications launched. Ultimately, any program like My Secrets is a good target. At this stage the security options come to the foreground.

• Retry Limit: the number of incorrect password entries before a certain action takes effect. One means that you can make exactly one mistake entering the password, the second unsuccessful attempt will trigger the action.
• Action: what the application should do when the retry limit is reached. Currently, there are three options available.
  • Ignore Input. My Secrets will no longer check the password. It will pretend to do so, routinely saying the password is incorrect even if you enter the correct one. You have to relaunch it in order to access the database. This is the default behavior.
  • Quit. My Secrets will silently quit. This may annoy a casual cracker more, but, in fact, provides a clear indication that the entered password is incorrect.
  • Erase Database. This is self-explanatory. If the database gets deleted, you can restore it from your iTunes backup. Obviously, you should periodically back up your device anyway.
• If Found Return To: up to three contacts from your address book will be shown below the password prompt on the start-up screen. Tapping an e-mail address will launch Mail. On the iPhone only: after tapping a phone number you will be asked if you want to call the number or send an SMS.

Password Security

Here’s an important note about encryption and your password. My Secrets uses the standard iPhone OS implementation of 256-bit AES encryption for two reasons. Firstly, it is considered strong enough to be impractical to crack:

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths (source). 

Secondly, it is hardware-accelerated on both iPhone and iPod Touch, which makes it ridiculously fast.

With this in mind, remember that whatever the encryption algorithm is, if you can access your data with a password, anyone else can. In other words, your password should be a) impossible to guess and b) impossible to pick from a dictionary. Since the password is case-sensitive, what works well is a combination of lower- and uppercase letters and digits/punctuation marks.

A Better List of Contacts

I needed a list of contacts for the “If found return to” option. Besides, there’s a feature in My Secrets’ roadmap that will need such a list of contacts.

Sure, the SDK has one, but it’s white and if it slides in somewhere in my black program, it’s like a stab in the eye. In addition, I wanted one final touch, people’s portraits to the left of their names. I’m missing faces in Contacts.app lists and I can’t help it. I mean, why, yes, I can!

It turned into another coding challenge which deserves its own blog post. But man, is there a thing more gratifying than knowing you’ve done something better than Apple? And now, if somebody tells me that Apple should have included people’s photos in every list in Contacts.app, I know the answer: if they implemented every whim, iPhone SDK would never ship.

Roadmap

My Secrets is currently missing a number of useful features. Some of them are slated for the next release, others are going to wait until I can get them right. I’m trying to avoid a rigid roadmap because user feedback can change it a lot. You are always welcome to tap the Help icon, select the About tab and choose “Send Feedback”.

Desktop companions are also highly desirable both for Mac OS and Windows. However, having considered my choices, I don’t like any of them. Currently there’s no officially supported way to sync application data between a PC and an iPhone except some sort of Wi-Fi networking. A do-it-yourself network is out of the question because, to be honest, I don’t want to spend the rest of my life writing articles on IP addresses. An ideal solution would work over USB and Apple has a private framework to do it nicely, but it’s private. So the feature is on hold.

As My Secrets matures, the price is likely to rise as well. If I get to write desktop companions, especially for Windows, it definitely will. So check out a free fully functional demo limited to 3 items. Hint: if you only need to securely store a couple of credit cards’ numbers, you don’t have to pay at all. Ever.

Posted on Friday, January 9th, 2009 at 12:07 under Announcements, iPhone.
You can follow responses to this article through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.