This was posted 11 years 11 months 25 days ago, and might be an out-dated deal.

Related
  • expired

Lockr for iOS FREE for a Limited Time (Normally $0.99) - Encrypt/Protect Your Notes

170
Lockr for iOS FREE for a Limited Time (Normally $0.99) - Encrypt/Protect Your Notes
Go to Deal
AssociatedLRawr @ iTunes Store brett-hayes on 27/11/2012 - 17:14 itunes.apple.com (573 clicks)
Last edited 27/11/2012 - 19:25

Hi all,

As a slightly-late celebration of Cyber Monday (the version upgrade didn't quite make it through the Apple approval process in time), i've updated my iOS app, "Lockr", for free for a limited time (expires at the end of Wednesday 28th).

Lockr is a secure note storage app - allowing you to record private information and know that it'll be protected from prying eyes (even from those whom know your phone pincode).

It supports pin, passcode and pattern lock (think Android-style pattern locking) to protect your notes.

KEY FEATURES
* All data is encrypted using AES-256bit encryption at rest, and the encryption key itself is never held in storage.
* Choose from four security types: PIN (numbers only) or Passcode (numbers, symbols & letters), pattern (3x3 grid) or pattern (4x4 grid) to protect (and encrypt) your notes
* Configure amount of time in the background before you must enter your Lockr passcode again
* Configure number of failed passcode attempts before notes are irreversibly erased
* Customise the font style, size and app colourscheme to your liking (good for those who don't like the default Notes app style).

** The rest of the features can be found on the iTunes link above. If you like the app, please rate it :)

I'm the developer of this app. I welcome any comments, questions or feedback - lockr[at)bh.id.au **

Mobile iOS App

Related Stores

iTunes Store brett-hayes
iTunes Store brett-hayes
Apple App Store
Apple App Store
Marketplace

closed Comments

  • cvas on 27/11/2012 - 19:17
    +1

    Cool looking app. Can you store photos in it?

    • AssociatedRawr @ iTunes Store brett-hayes on 27/11/2012 - 19:22

      Text only at this stage - maybe photos later down the track :)

  • hashtagbargain on 27/11/2012 - 19:38

    Looks good, waiting for the functionality to store pix…

    Downloaded, thanks Brett!

  • thelastnoob on 27/11/2012 - 20:42

    how can the encryption be tested? any issues using on jailbroken phone as in can the attacker get the raw file and easily decode? i am iphone 5 anyway so no jailbreak but once when i lost a password to a journal application i used jailbreak to find the file transfered to pc and could open in notepad although there was no encryption. is each note encrypted or has it to do with opening the app?

    edit - i just read all data is encrypted but still interested in knowing how to verify the encryption level.

    Counter Terrorists Win

    How To Break Unbreakable AES Encryption
    http://www.consealsecurity.com/conseal-blog/how-to-break-unb…

    AES encryption not as tough as you think
    http://www.theregister.co.uk/2009/08/03/new_crypto_attack/

    256-bit AES encryption broken in SandForce SSD controllers
    http://techreport.com/news/23096/256-bit-aes-encryption-brok…

    • Ultraman on 27/11/2012 - 20:56

      App description says the note text is encrypted using AES256.

    • AssociatedRawr @ iTunes Store brett-hayes on 27/11/2012 - 21:05
      +3

      Each note you create is encrypted with your chosen passcode/key. If you were to jailbreak and inspect the files, the note data itself would be indecipherable (in the aim of being fully transparent: the 'note modification date' and 'favourite flag' [i.e. whether it is a favourite or not], are NOT encrypted - this is a usability & speed tradeoff). When you log into the application and provide your passcode, it cycles through each encrypted note and decrypts them.

      If you were so inclined to try and reverse engineer the data structure, and technically inclined (skilled), you could copy the files to your PC and write an algorithm to try and brute-force the key. The amount of time this would take depends on the length of your chosen passcode, and the power of the PC doing the brute-force (just like with any other password cracking activity). If you want something really secure, choose a long & complex key!

      Lockr will be more secure than the Journal application which you're speaking about (sounds like they took the easy way out). You should not be able to simply jailbreak the device and open the files in notepad. If you want to test it, you'll need to jailbreak - but i've got nothing to hide, so I have no problem with people going down that route and sharing their results :) Just be careful, because you're weakening your own device's security / bypassing iOS security controls when you do this - don't get hit with malware or other malicious apps in the process.

      For those of you who are super-security-conscious: yes, the passcode and note data is held in memory unencrypted whilst the app is open - ultimately there's no easy way to protect this (after all, it has to be decrypted to be viewed). It's never stored unencrypted in device storage. The iOS operating system puts in controls to protect process memory - don't jailbreak your device and you should be fine.

      • AssociatedRawr @ iTunes Store brett-hayes on 27/11/2012 - 21:06
        +3

        As a sidenote: This design means there's no way to implement have a 'password reset' function in the app, because the data would be indecipherable without the key. The best that a password reset function could do would be to wipe the data and start again (or brute-force to find your original key…but that's not really practical…).

        • thelastnoob on 27/11/2012 - 21:08

          thanks for fast and comprehensive and honest answers
          I remember a PC program called Shyfile which claimed up to 6,144-bit encryption and a $10,000 reward for cracking any messages. I never trusted it.

  • thelastnoob on 27/11/2012 - 20:52

    Can we please have a 'fake' login mode so if requested/blackmailed/threatened to open it we can enter the 'fake' login and it will erase the data 7 times over to prevent data recovery
    my password safe program does similar after 5 bad attempts
    please consider this as an option so i can wipe it immediately

    actually another layer of security would be to use a dodgy icon and different name and then user could bury the app deep in a folder and it would hopefully be ignored

    good to see its full screen on iphone 5

    tested on ipad and not full screen

    128-bit AES encryption is deemed appropriate (PDF) for the US government's "secret" designation, and only information classified as "top secret" must be encoded with stronger (192- or 256-bit) encryption.

    • AssociatedRawr @ iTunes Store brett-hayes on 27/11/2012 - 21:10

      Thanks. I thought about implementing a 'fake' login mode, but wasn't sure how practical it was (i.e. in reality, how many users actually would make use of such a function). Happy to take comments here from people about it.

      The app already has an option to wipe data after x failed login attempts (check the settings) :).

      Yep - not iOS universal at this point.

      • thelastnoob on 27/11/2012 - 21:13

        'Fake' login should be included as an option but with a disclaimer on its usage as dummys would activate it by accident. this will satisfy the more paranoid and private

    • GreenHornet on 27/11/2012 - 22:08

      Plausible deniability ;)

  • thelastnoob on 27/11/2012 - 21:24
    +1

    Tested on Ipad 3 Jailbroken Ios 5 using Ifunbox for file transfer to PC

    I transfered files real time while app was running and notes Decrypted on screen (highly unlikely scenario anyway)

    Tried to open in Notepad and could not retrieve anything that way including pin (4 numbers) as well as note

    • AssociatedRawr @ iTunes Store brett-hayes on 27/11/2012 - 21:44

      Thanks thelastnoob.

      I appreciate any app-store reviews from satisfied users (no obligation - feel free to use it a bit first), or even bug reports to my email address (above) if anyone runs into problems.

Login or Join to leave a comment
Login Join