Tom Whipple

Where Are PGP Tools for iOS?

Is any one using PGP on iOS? The options seem extremely limited.

Despite the fact that PGP has been around for decades, PGP support on iOS is quite limited. It is readily available on traditional computers (see Prism Break for an exhaustive list), but what about iOS?

Most PC applications seem to simply provide a frontend for GPG via a mechanism like GPGME. This approach avoids the pitfalls of rolling your own crypto, but it means that GPG must be available. However, the design of iOS precludes launching another user process from within an app. And, since GPG is licensed under the GPL, which may conflict with Apple’s terms of service, there is little incentive to put a lot of effort into this

The result of these two problems means that there is not yet a good option for developers who want to support secure email.

Even with these problems there are a couple apps available, though it isn’t apparent what crypto libraries they are using.

iOS Apps:

  • iPGMail might be a good option. The app store screen shots only show the key management features, but reviews are good.
  • oPenGP seems to be based on copying/pasting for encryption/decryption. Single review mentions crashing.

Related libraries:

  • GPGME is an interface to the GPG binary. It might be possible to port GPG/GPGME to the iPhone, but the design of this library is based upon starting GPG as it’s own process, which is forbidden by iOS. GPGME is licensed under the LGPL, but GPG is GPL’d, possibly making it unsuitable for App Store distribution.
  • UNNetPGP is based on NetPGP, the NetBSD PGP library. The BSD license is a better option for many apps, but NetPGP has not seen any active development since 2010. UUNetPGP still has some rough edges to be flushed out, but looks very promising if the underlying library is maintained.
  • libgcrypt is an actively maintained, LGPL, general purpose crypto library. However, it is only a crypto library. It doesn’t handle keyring management and requires much more knowledge of crytpo on the part of the developer.

Hacker News discussion

My GPG Public Key ID: 7DBCC339

PGP Key fingerprint:

1
C7C3 0951 F2A5 6B85 3CD7  8801 4EFD 0909 7DBC C339

Download key

Long overdue

Posting a public encryption key has been on my mental TODO list for some time. Recent revelations about routine NSA surveillance has caused widespread outcry, yet how many people actually use strong encryption for personal communication on a daily basis? Tools like GPG can be difficult to use, so they get little acceptance. Additionally, managing crypto keys across multiple devices (computer, phone, tablet, etc.) increases ease of use hurdles and increases security challenges.

It seems there aren’t yet any good solutions to these problems. But in the mean time, I’m planning to sign all messages I send from my home computer. And I’m making it possible for others to send me encrypted messages. I hope others will do the same.

Software

  • Prism Break - An exhaustive list of open software & services for the threatened or paranoid.
  • GPG - The standard in public-key encryption. For those that enjoy the command line.
  • GPGMail - GPG plugin for Apple Mail. The easiest to use I’ve seen so far.

Further reading

IPython Notebook: The Awesomest Mathematical Programming Tool EVER

Yes, that’s a bold claim. But I stand by it. I’ll skip straight to the important part:

IPython Notebook makes it dead simple to explore your code/data. Just look at my simple signal processing example.

Intrigued? If you’ve already installed IPython (and numpy/scipy and matplotlib), you’ve already got it! Just start notebook:

$ ipython notebook --pylab inline

The notebook console will open in a browser window. (Ok, you might need a couple more dependencies, but how hard is that??)

Then all you have to do is download the notebook and drag it to the console browser window! How awesome is that?!

And, if that isn’t enough, a lot of work has been put into it’s multi-processing abilities. It is well worth the time to watch the introductory video.

Guest Post at Testdroid: Using Testdroid Cloud to Test a Camera SDK

The great people at Testdroid asked me to write a guest post about our experience with their product.

Developing an SDK that makes heavy use of the camera is different from typical Android app development. First, developing an SDK means that we have to think about ease of integration with other apps. For example, things like XML layouts and R.drawable are not available to us, since we don’t want any unnecessary integration steps. Second, we are doing on-device computer vision, so we have a lot of highly optimized C and even some hand written assembly which must be compiled with the NDK and linked via JNI. And, if you’ve been fortunate to work with the Android native layer, you know that the toolchain is not quite as stable as the Java SDK. Finally, we’re doing frame by frame processing with the camera. Obviously, the camera is a piece of hardware that has been implemented differently by each manufacturer, so there are inevitably some differences in behavior if it is accessed in a way that is not quite as intended.

more

For small app developers, it is well worth the $100 or so to test on a bunch of different devices, even if you only run the tests once per major release. You’ll wish you had done it sooner.