Codebook now available in French iTunes and Google Play stores

2016-07-18 06:00:00 -0400

Hey everyone, we have some very exciting news to share with all iOS and Android users in France: We are once again selling our well known password manager and note taker Codebook in the French iTunes App Store and the French Google Play Store!

It has been about 4 years since we had to stop selling Codebook (named STRIP at that time, Strip on your iPhone’s home screen) due to French laws regarding the selling of encryption software but we recently received approval to start selling our software in France again and we are really excited.

Upgrading from Version 1 to Version 3

Our existing customers in France stopped receiving iOS updates around version 1.6, and the current version is 3.1. We have tested the upgrade from the old STRIP versions to the new Codebook versions and there do not appear to be any issues. However, we recommend that you first backup your device to iTunes or iCloud or use the Sync feature to sync your data with a Dropbox account.

Name and Icon Changed - Codebook is STRIP!

STRIP was renamed to Codebook and it has a new icon on your iOS home screen:

New icon for STRIP, now Codebook

If you currently get automatic updates from Apple, once the app is released in France, it will automatically update the current STRIP app to Codebook and replace the icon on your home screen. If you leave this setting on and notice that your STRIP icon is gone and you now see a new Codebook icon, this is OK, DO NOT delete it as this is the new version of STRIP. You can login with the same password you have been using for STRIP and all your data should be intact.

While We Were Away

There have been quite a few other changes to Codebook for iOS since version 1.6. A modern interface, fixes and improvements, and lots of new features. We’ve also created ports of Codebook for Android, macOS, and Windows, making your passwords available on other devices you use.

An incomplete listing of new features and improvements:

Need Help?

Please contact us at support@zetetic.net if you have any questions. You can visit our original announcement of the change from STRIP to Codebook to learn more about the transition.

SQLCipher for Android 3.5.2 Release

2016-07-07 08:15:00 -0400

SQLCipher for Android 3.5.2 was just released, addressing two specific items since our recent Android N release. First, we have corrected an issue in which the UTF-16 encoded content was not translated correctly under a few specific situations. In a scenario where the underlying type affinity of the column of the database is TEXT, and numeric values were stored in that column, queries that returned that value and attempted to retrieve the value via getInt(…) or getDouble(…) would incorrectly translate the content, misrepresenting the stored value. This has been corrected, and tests have been added to the SQLCipher for Android test suite to track the correct behavior for the future.

The last change updates the C++ library support included within the native platform libraries, switching from the LLVM C++ static library to the STLport static library. This provides increased support on certain deployment scenarios specific to the armeabi platform. We have updated the SQLCipher for Android integration tutorial providing instructions for utilizing the latest binaries.

SQLCipher for Android Release—Android N Support

2016-06-23 08:15:00 -0400

We are happy to announce the release of SQLCipher for Android 3.5.1. This is an urgent and mandatory upgrade for applications wishing to support Android N when it is publicly released.

This release of SQLCipher for Android incorporates several major changes to facilitate operating on Android 2.1 through Android N, supporting armeabi, armeabi-v7a, and x86 platforms. The Google Android team contacted us directly, requesting many of the changes below. These changes were mandatory to make SQLCipher for Android compatible with Android N. Below is a highlight of the changes that are included with the latest release:

  1. All internal and third-party library dependencies except for OpenSSL (the crypto provider) have been removed. This includes libbinder, libandroid_runtime, libnativehelper, libcutils, libutils, and libicuc.
  2. Non-essential Google AOSP legacy provider code and supporting code has been removed
  3. The library has been converted to use native UTF-16 encoding internally instead of performing redundant on-the-fly translation
  4. Multiple related changes to the JNI layer
  5. Removal of collation sequences that are dependent on ICU or AOSP libraries

There have been some significant benefits to this effort:

  1. SQLCipher for Android is now compatible with the latest Android N Developer Preview 4 (i.e., build NPD56N)
  2. The build process has been drastically simplified and is now much easier to understand
  3. Issues with characters that fall outside of the basic multilingual plane (e.g. emoticons) have been resolved
  4. Less time is required to build the library from source
  5. Only a single native .so library is required for each platform
  6. The resulting libraries are much smaller that before (armeabi is only 1.6 MB), and no longer require a large supporting ICU database
  7. These architecture changes pave the way for future improvements like API modernization and improved x64 support

Installation

Instructions for installing the latest release of SQLCipher for Android can be found here.

If your previous usage of SQLCipher for Android was packaged as a zip archive that included 3 .so files per platform (i.e., libdatabase_sqlcipher.so, libsqlcipher_android.so, and libstlport_shared.so), you should remove all of those. Our new packaging will only include one .so file (i.e., libsqlcipher.so) for each native platform. In addition to the different native libraries, you should also remove the ICU zip file (i.e., icudt46l.zip) previously included within the assets directory of your application.

Important: This upgrade is required for all applications wishing to support Android N while using SQLCipher for Android. Without this upgrade, current installations of SQLCipher for Android will crash on Android N. We do not know the official release date of Android N, however Google is advising application developers to update their applications for imminent release in Q3. Therefore we strongly advise all applications to begin the upgrade and testing process immediately with this release.

SQLCipher Version Scheme

2016-06-23 08:00:00 -0400

SQLCipher core has long used the versioning scheme defined by semantic versioning, however many of our client libraries have utilized modified schemes to define their versions. As many of the client libraries we utilize as the basis for integrating SQLCipher are open source, often times their version schemes have already been defined.

Having different version schemes for our client libraries introduced confusion around a given library supporting a specific file format associated with a given SQLCipher core release. We may make changes to the upstream client library specific to SQLCipher integration and need a means of conveying that. To address this, we will utilize the X.Y.Z version scheme, for both SQLCipher core and client libraries, however we are adjusting the rules associated with the various version segments to properly align with our domain.

Modified X.Y.Z version rules for SQLCipher:

  • X will map to the major version of SQLCipher (i.e., file format compatibility)
  • Y will map to major changes in the client or core library (i.e., security fix)
  • Z will map to minor changes in the client or core library

We plan to adopt this scheme going forward as we release new and updated client libraries with the aim of simplifying and consildating the versioning schemes across our libraries.

Find in Codebook iOS App Extension Released

2016-06-14 05:00:00 -0400

Today we’re happy to announce the release of Codebook 3.1.0 for iPhone and iPad, featuring a new iOS App Extension, Find in Codebook, allowing you to securely lookup your Codebook records from Mobile Safari and fill out forms on the web. The option is disabled by default, you need to launch the new app once and sign in to make it available. Here it is in action:

PLEASE LAUNCH CODEBOOK AND SIGN IN ONCE PRIOR TO LAUNCHING THE FIND IN CODEBOOK APP EXTENSION

Find in Codebook Demo from Zetetic on Vimeo.

Read on below for step-by-step instructions for setting up Find in Codebook.

This update also introduces an additional password generation option – Diceware. Diceware is a method of creating strong, random, yet easy to remember passphrases:

Version 3.1.0 is available now in the iOS App Store:

Enabling Find in Codebook

  • Update Codebook to 3.1.0
  • Launch Codebook once and sign in
  • Open Safari and visit a webpage
  • Tap on the Action/Share button at the bottom of the view (it looks like an arrow coming out of a box)

  • Swipe the bottom (grey icons) row to the end and tap More

  • Look for Find in Codebook in the list and set the switch next to it to On

  • Optionally, use the drag handle icon to move it higher up in the list
  • Tap Done

Using Find in Codebook

  • Visit a page with a login form (e.g. https://www.dropbox.com/m/login )
  • Tap on the Action/Share button

  • Tap on Find in Codebook

  • When prompted, authenticate

  • Tap the entry that best matches the website/URL (e.g. Dropbox)

The results list is broken up into 3 different sections:

  1. Exact Matches - match the URL exactly (e.g. https://www.dropbox.com/m/login)
  2. Host Matches - match the Host (e.g. www.dropbox.com)
  3. Suggestsions - match relevant part of the url (e.g. dropbox)

We recommend entering the full website into the “Website” field of the entry, so that when you visit the login page, the correct result will show up under “Exact Matches”

  • Find in Codebook will return you to Safari and use the record you selected to fill out the form

Generating Diceware Passphrases

  • Create a new (or edit an existing) password field

  • Select “Generate Random”

  • Select “Character Set”

  • Select “Diceware”

  • Choose the number of Diceware words, generate a Diceware password (by tapping the circular arrow), then once you have one you like, tap Done