All geek questions in one place

Office Application Distribution Security for Office Applications - OTA iOS

In the on-air application of the enterprise application, iPhone safely downloads an XML manifest file containing a fully qualified URL pointing to the .ipa file (the application itself), then downloads the application from there and installs it.

I am wondering if there is a security flaw here. Assuming iPhones are outside the firewall on the public Internet and in the absence of a VPN, the .ipa file should not be publicly available for HTTP, i.e. Anyone could capture it and install using iTunes if they knew the URL

Apple link http://help.apple.com/iosdeployment-apps/#app43ad871e (I think that these are only corporate developers).

Perhaps I missed something and is it safe?

thanks

Bill.

+4
source share
3 answers

To use the iPhone OTA application, the person who is trying to download the application must install the appropriate certificate.

Enterprise applications are limited to 1000 OTA installations that Apple can track from their end.

For non-enterprise developer accounts, you have a limit of 100 devices that must first obtain the device UDID before the provisioning portal before they can install the appropriate certificate to run the application.

So, if you can distribute ipa for free (via HTTP or FTP or whatevs), they will still need the correct valid certificate, and this will be controlled.

Of course, there are ways around this, but overall, how Apple protects OTA installations.

+4
source

If you distribute the .ipa file for your Enterprise profile, this application can be installed on any device. You will see a subtle warning at the bottom of the preparation page that says something like

This profile can be installed in any application.

I tested it and it really works.

+1
source

Yes..ipa is on the open Internet. You can password protect the page (.htpasspw) so that anyone who knows the URL must enter the user / password command to enter the page and to download ipa.

+1
source

Source: https://habr.com/ru/post/1394340/

More articles:


All Articles