RE: https://mastodon.social/@pfandrade/116035886020550720

So can we actually use CloudKit's public database to store user-specific and/or sensitive data without it being widely available? So it's more like a traditional database an app can build functionality on?

Can anyone confirm this?

If that's the case, I've totally misunderstood the public database for years. I have always considered it suitable only for sample data and other data meant to be broadly accessible without auth.

@simonbs @pfandrade I'm pretty sure anything stored in CloudKit for any bundle ID can be retrieved on a Mac with System Integrity Protection turned off. Security by obscurity only.

@stroughtonsmith @simonbs @pfandrade that’s a bit pessimistic, isn’t it?

CK has a bunch of crypto protections, especially for data in private db if people have Advanced Data Protection enabled

It is even end to end encrypted… sometimes, under certain conditions, which are opaque to you as a developer 🙈

https://canopy-docs.justtact.com/documentation/canopy/icloud-advanced-data-protection
