SQLCipher Version Scheme

2016-06-23 08:00:00 -0400

SQLCipher core has long used the versioning scheme defined by semantic versioning; however, many of our client libraries have used modified schemes to define their versions. Because many of the client libraries we use as the basis for integrating SQLCipher are open source, their version schemes have often already been defined.

Having different version schemes for our client libraries caused confusion about whether a given library supports the file format associated with a given SQLCipher core release. We may also make changes to the upstream client library specific to SQLCipher integration and need a means of conveying that. To address this, we will use the X.Y.Z version scheme for both SQLCipher core and client libraries; however, we are adjusting the rules associated with the version segments to align with our domain.

Modified X.Y.Z version rules for SQLCipher:

  • X will map to the major version of SQLCipher (i.e., file format compatibility)
  • Y will map to major changes in the client or core library (i.e., security fix)
  • Z will map to minor changes in the client or core library

We plan to adopt this scheme going forward as we release new and updated client libraries, with the aim of simplifying and consolidating the versioning schemes across our libraries.
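The modified X.Y.Z rules above can be turned into an upgrade check. This is an added example, not Zetetic's code; the function names, the library names and the sample version numbers in the demo are constructed for illustration.

```python
import re
from typing import NamedTuple

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


class Version(NamedTuple):
    x: int  # SQLCipher major version: file format compatibility
    y: int  # major change in the client or core library (page's example: security fix)
    z: int  # minor change in the client or core library


def parse(text: str) -> Version:
    """Parse a strict X.Y.Z string; anything else is rejected."""
    m = _VERSION_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"not an X.Y.Z version: {text!r}")
    return Version(*(int(g) for g in m.groups()))


def same_file_format(a: str, b: str) -> bool:
    """Two releases share a file format when their X segments agree."""
    return parse(a).x == parse(b).x


def classify_upgrade(installed: str, candidate: str) -> str:
    """Name the most significant segment that changes between two releases."""
    old, new = parse(installed), parse(candidate)
    if new == old:
        return "same"
    if new < old:
        return "downgrade"
    if new.x != old.x:
        return "file-format"  # plan a database migration before upgrading
    if new.y != old.y:
        return "major"        # may carry a security fix: review promptly
    return "minor"


def triage(installed: dict, available: dict) -> dict:
    """Classify every installed library that has a known available release."""
    return {name: classify_upgrade(ver, available[name])
            for name, ver in installed.items() if name in available}


if __name__ == "__main__":
    # Constructed sample data: hypothetical library names and versions.
    installed = {"core": "3.4.0", "client-a": "3.4.0", "client-b": "3.4.0"}
    available = {"core": "3.4.1", "client-a": "3.5.0", "client-b": "4.0.0"}
    for name, kind in triage(installed, available).items():
        print(f"{name}: {kind}")
```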

Find in Codebook iOS App Extension Released

2016-06-14 05:00:00 -0400

Today we’re happy to announce the release of Codebook 3.1.0 for iPhone and iPad, featuring a new iOS App Extension, Find in Codebook, that allows you to securely look up your Codebook records from Mobile Safari and fill out forms on the web. The option is disabled by default; you need to launch the new app once and sign in to make it available. Here it is in action:

PLEASE LAUNCH CODEBOOK AND SIGN IN ONCE PRIOR TO LAUNCHING THE FIND IN CODEBOOK APP EXTENSION

Find in Codebook Demo from Zetetic on Vimeo.

Read on below for step-by-step instructions for setting up Find in Codebook.

This update also introduces an additional password generation option – Diceware. Diceware is a method of creating strong, random, yet easy to remember passphrases:

Version 3.1.0 is available now in the iOS App Store:

Enabling Find in Codebook

  • Update Codebook to 3.1.0
  • Launch Codebook once and sign in
  • Open Safari and visit a webpage
  • Tap on the Action/Share button at the bottom of the view (it looks like an arrow coming out of a box)

  • Swipe the bottom (grey icons) row to the end and tap More

  • Look for Find in Codebook in the list and set the switch next to it to On

  • Optionally, use the drag handle icon to move it higher up in the list
  • Tap Done

Using Find in Codebook

  • Visit a page with a login form (e.g. https://www.dropbox.com/m/login )
  • Tap on the Action/Share button

  • Tap on Find in Codebook

  • When prompted, authenticate

  • Tap the entry that best matches the website/URL (e.g. Dropbox)

The results list is broken up into 3 different sections:

  1. Exact Matches - match the URL exactly (e.g. https://www.dropbox.com/m/login)
  2. Host Matches - match the Host (e.g. www.dropbox.com)
  3. Suggestions - match relevant part of the URL (e.g. dropbox)

We recommend entering the full website into the “Website” field of the entry, so that when you visit the login page, the correct result will show up under “Exact Matches”.

  • Find in Codebook will return you to Safari and use the record you selected to fill out the form
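The three result sections described above can be sketched as a tiered URL comparison. This is an added example and not Codebook's matching code: the function names are hypothetical, the "relevant part" of a URL is assumed to be the second-to-last host label (a production matcher would consult the Public Suffix List), and the records are constructed.

```python
from urllib.parse import urlsplit

TIERS = ("exact", "host", "suggestion")


def _normalize(url: str):
    """Return (scheme, host, path); assume https when no scheme is stored."""
    parts = urlsplit(url if "://" in url else "https://" + url)
    host = (parts.hostname or "").lower()
    return parts.scheme.lower(), host, parts.path.rstrip("/")


def _site_label(host: str) -> str:
    # Assumption: the site name is the label left of the top-level domain.
    labels = host.split(".")
    return labels[-2] if len(labels) >= 2 else host


def match_tier(page_url: str, record_website: str):
    """Return 'exact', 'host', 'suggestion', or None for one stored record."""
    if not record_website.strip():
        return None
    page, rec = _normalize(page_url), _normalize(record_website)
    if not rec[1]:
        return None
    if page == rec:
        return "exact"
    if page[1] == rec[1]:
        return "host"
    if _site_label(page[1]) == _site_label(rec[1]):
        return "suggestion"
    return None


def group_results(page_url: str, records: dict) -> dict:
    """Group record names by tier, strongest match first."""
    grouped = {tier: [] for tier in TIERS}
    for name, website in records.items():
        tier = match_tier(page_url, website)
        if tier is not None:
            grouped[tier].append(name)
    return grouped


# Constructed records: name -> contents of the "Website" field.
RECORDS = {
    "Dropbox (full URL)": "https://www.dropbox.com/m/login",
    "Dropbox (host only)": "www.dropbox.com",
    "Dropbox (name only)": "dropbox",
    "Mail": "https://mail.example/login",
}

if __name__ == "__main__":
    print(group_results("https://www.dropbox.com/m/login", RECORDS))
    # A lookalike host shares no tier with the stored Dropbox records.
    print(group_results("https://www.dropbox.com.login.example/m/login", RECORDS))
```

Only the record that stores the full login URL lands in the exact tier, which is why the recommendation above is to fill in the complete website.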

Generating Diceware Passphrases

  • Create a new (or edit an existing) password field

  • Select “Generate Random”

  • Select “Character Set”

  • Select “Diceware”

  • Choose the number of Diceware words, generate a Diceware password (by tapping the circular arrow), then once you have one you like, tap Done

SQLCipher 3.4.0 Release

2016-04-05 11:00:00 -0400

We are happy to announce a new release of SQLCipher, version 3.4.0. This release is based upon the upstream version of SQLite 3.11.0, which includes significant performance optimizations to SQLite; you may see up to a 22% performance improvement over the previous version for the same operations.

There are a few new features we would like to draw attention to:

  1. JSON support
  2. FTS5 support
  3. PCL support
  4. PRAGMA updates
  5. WatchKit support

JSON support is a relatively new feature included within SQLite as an extension called json1. The json1 extension includes a set of scalar functions for composing, extracting, and manipulating JSON content - a very welcome addition for applications that often interface with JSON.

SQLCipher has long included support for both FTS3 and FTS4, the full-text search facility provided by SQLite. With the 3.4.0 release, we have also included FTS5 support, which addresses issues that could not be fixed in FTS4 without breaking backward compatibility. A few highlights of FTS5 include:

  • FTS5 supports “ORDER BY rank” for returning results in order of decreasing relevancy
  • FTS5 features an API allowing users to create custom auxiliary functions for advanced ranking and text processing applications
  • FTS5 recognizes Unicode separator characters and case equivalence by default

The client libraries found in SQLCipher for Windows Phone and SQLCipher for Windows Runtime have been updated, continuing our transition from sqlite-net to the PCL compatible version based on SQLite.Net-PCL. Upgrading existing applications is rather seamless, requiring minimal code changes generally localized to how the connection to the database is made. The addition of PCL support allows for sharing much of the data model source code, minimizing duplication across platforms.

There are two PRAGMA updates included in SQLCipher 3.4.0. First, we have deprecated the setter PRAGMA for manipulating the cipher used at runtime. Currently, you can still adjust the cipher on crypto providers that support switching; however, this will return an error state and will be removed in a future release. Second, we have added a new PRAGMA, PRAGMA cipher_provider_version, that provides the version of the crypto provider that was compiled into SQLCipher, if available. This information is only available after the database has been keyed.

We are now offering commercial builds of SQLCipher targeting Apple WatchKit supporting i386, armv7k, x86_64, allowing you to further secure databases stored on the Apple Watch. ⌚

Availability

SQLCipher in source format is directly available here. The community edition of SQLCipher for Android is available via AAR packaging using the following line:

compile 'net.zetetic:android-database-sqlcipher:3.4.0@aar'

Updates to commercial builds are available now. Information regarding the purchase of both commercial and enterprise offerings of SQLCipher can be found here. The 3.4.0 version of SQLCipher includes many new, exciting features we are excited to share with you. Please give it a spin!

Codebook Journal and Improved Touch ID Security

2016-03-29 06:20:00 -0400

We’ve been putting a lot of elbow grease into our password manager Codebook since the 3.0 update at the beginning of the year and we got to share some of that work in recent updates this month for iOS and Mac. On Monday March 14th we released 3.0.3 for Mac and Tuesday the 15th we released 3.0.4 for iPhone and iPad. Many of our point releases focus on a small number of issues, but this is a pretty big update between the two with dozens of bug fixes, improvements, a new feature, and improved security for Touch ID login on iOS. This is a free update for all customers.

The new Journal view

Journal is a new view in Codebook for iOS and OS X that shows all the notes in your database in one place, sorted either by the date the note was created or the date it was updated (up to you). Notes are still stored in categories alongside multi-field records; this view makes it possible to keep track of those notes over time.

Were you a user of Codebook 2 on iOS? You can rearrange your tabs in Codebook 3 on iOS to show the Journal view first if you prefer to use the app as a secure notebook. Just tap on the More tab, then Edit, and arrange your tabs as you like:

On OS X you can find Journal in the Views list (or access it directly by using the shortcut shift command 3), and the sorting preference is available under Preferences:

The Journal view will be coming to Windows and Android soon.

Improved Security for Touch ID Login

Codebook on iPhone and iPad offers a setting that allows the user to enable the use of Touch ID fingerprint authentication for logging in to Codebook. This makes it much easier to use a strong master password on mobile devices where typing it in can be a bit arduous.

Recently an attack on this was suggested by Per Thorsheim of Godpraksis and the Passwords conference, where another person with knowledge of your iOS device passcode (perhaps a family member) could use that to add their own fingerprint to the list of authorized fingerprints and thereby impersonate the owner at Touch ID prompts like the one in Codebook.

Fortunately, in iOS 9 Apple introduced some new security restrictions that we as developers can take advantage of to help prevent this. Version 3.0.4 improves Touch ID login for Codebook on iOS 9 in two ways:

  1. If Touch ID authentication is used with Codebook, it will no longer allow fallback to the device passcode
  2. If changes are made to registered fingerprints in iOS, Codebook will not allow Touch ID for authentication and will require you to re-enable this feature

To take advantage of these improvements, sign in to Codebook, tap on the Settings tab, then Login Settings. There, disable and then enable the Touch ID login feature.

Import and Export on Mac

Codebook for OS X has not always done a particularly stellar job when it came to importing data, especially large amounts of it. This version introduces a completely revamped Import feature that rips through large CSV files and is more tolerant of text files that aren’t encoded in UTF-8.

Import on the Mac side no longer provides the ability to do bulk updates of existing records by including a column named EntryID. We never provided it on Windows and we’ve always been a bit skeptical of its utility. Now all rows are treated as new records to be created.

To facilitate the creation of Notes, one can now include a column named Note Entry; each row with a value in this column’s field will be treated as a Note rather than a multi-field Entry.

Export to CSV no longer includes the EntryID column, and provides the contents of Notes in the Note Entry field. There is also a new option on the Export dialog where you can select Plain Text output instead. This produces an unencrypted text document suitable for printing should you wish to have a hard backup of your data for safe storage.

Accessibility and Keyboard Shortcuts

Throughout Codebook for OS X we’ve been working to ensure that the application is fully accessible; any task one could accomplish with a mouse should also be available using the keyboard. We’re not all the way there yet but we’re on our way, adding new shortcuts where they were missing and improving the options available in the File and View menus. For instance, one can now access the new Views above the Categories list by using the shortcuts for them under the View menu (e.g. Use command 3 to select the Journal view). You can keep up with all our keyboard shortcuts here. We’ve also been going through the interface adding better labels for voice-over support for identifying controls. Coming soon: a Cut feature for entries, a keyboard shortcut for removing fields, and Undo for editing an entry (in case you really didn’t want to delete that field).

Stay tuned for more updates, we’ve got more good things coming for Codebook, big and small!

Codebook 2 Will Be Discontinued On July 4th, 2016

2016-02-22 06:00:00 -0500

Now that the dust is starting to settle with Codebook 3 it’s time to wind down Codebook 2. Currently the app is in maintenance mode; we have a minor bug fix update on the way, but no feature improvements planned. On July 4th, 2016 we will remove it from sale in the iTunes App Store. At that point it will no longer be available to download from the App Store, and may not be available for restore from an iCloud backup either. You will still be free to use the Codebook 2 software you purchased after that date, however, you must make regular backups in iTunes so that you have a copy of the app, or you will be at risk of losing access in the event of a device transfer or reset. It is also a good idea to ensure your Codebook 2 data is frequently backed up to Dropbox as well.

Backing up your Device (click Use iTunes)

If you are a Codebook 2 customer and are having trouble migrating your data (or deciding to upgrade), please get in touch with us at support@zetetic.net.