2020-11-25 07:00:00 -0500
We are pleased to announce that SQLCipher 4.4.2 is now available. It includes the following important changes:
SQLCipher Core
- Improved error handling to resolve potential corruption if an encryption operation failed while operating in WAL mode
- Changes to OpenSSL library cryptographic provider to reduce initialization complexity
- Adjusts PRAGMA cipher_integrity_check to skip locking page to avoid a spurious error report for very large databases
SQLCipher Commercial and Enterprise
The following changes and enhancements are available for Commercial and Enterprise packages:
- non-FIPS macOS, iOS, and Mac Catalyst packages have been updated to support build and execution on new Apple Silicon (arm64) devices
- the minimum SDK for macOS packages using a FIPS 140-2 validated cryptographic module is now 10.9 to enable signing and notarization
- all packages now enable the DBSTAT Virtual Table to expose useful information about databases for analysis
Availability
Commercial and Enterprise - On-demand access to new releases of SQLCipher packages are available to all licensees with an active support subscription from the Customer Downloads fulfillment site. Licensees will also receive a separate email notification regarding the update and can contact us at any time for private support directly from the SQLCipher development team.
Community Edition - SQLCipher Community Edition source code is available on GitHub, via AAR packaging for Android, and CocoaPods for iOS.
2020-11-18 14:30:00 -0500
Time for a quick status update on what’s cooking for Codebook password manager and when we expect to release the next version!
As we noted back in September over on the discussion forum, we have a few exciting updates on the way, specifically for the Android, macOS, and Windows versions of Codebook. The main highlights are:
- Codebook Autofill for Android
- Password AutoFill for macOS Big Sur
- Password Weakness Warnings and other feature-parity changes for Windows
We’ve been aiming to release the three of them together as version 4.3.0. Lining up a multi-platform release isn’t easy, and isn’t technically necessary here like it might be if these were huge changes, but when it comes time to reach out and communicate what’s new it helps a lot. People are really inundated these days!
Here’s where we’re at:
- On Android we are finishing up beta testing on the new Autofill feature and are preparing for release.
- On Windows we are nearly ready to go, but found some small edge-cases and one unrelated crasher that we want to fix up before we declare it ready for release.
- On macOS we are ready to go—as of this morning Apple appears to have fixed a bug in their App Store validation that prevented anybody from submitting macOS apps that support Password AutoFill in Big Sur to the Mac App Store (even though macOS Big Sur supports it and was released last week!)
We expect to be done preparing for release (final adjustments and testing, final builds, announcements, website updates, moving builds into place, etc) by the end of this week. However, next week does not make for a good time to release software with the Thanksgiving holiday here in the United States. While these updates should be high in fiber and low impact, there’s always a chance something can go wrong and we want to make sure we’re on deck and ready to respond should the release not go as planned. Thus, we’re looking at November 30th for the release date.
If you’re a Mac user who has already upgraded to macOS Big Sur 11, the current version of Codebook now available should work mostly fine with a couple of minor wrinkles. However, if you are raring to go with the updated UI and AutoFill support you may access the latest Beta version now. Users of the Direct version of Codebook for macOS have an Updates tab on the Preferences window; set Release Channel to Beta and click on Check For Updates (Mac App Store users who wish to beta test should send us an email for access).
An aside: If you’re wondering, “what about 4.3.0 for iOS?” That’s already been released with support for iOS 14, and a subsequent update for compatibility with the screen sizes of the new iPhone 12 models Apple announced a few weeks back.
Attachments
Version 4.3.0 is not the only development effort underway right now! We have been hammering away at adding image storage to Codebook, allowing you to attach images to Entry records. This is the first step towards support for attaching and storing other types of files as well. The Images feature is about ready to go on macOS and iOS, we’re pretty far along on the Android implementation, and plan to start working on the Windows interface soon. Much of the groundwork for this feature is already in place from the Codebook 4 update last year that introduced a new sync system capable of supporting file attachments with speed and efficiency, and made changes to the database structure to ensure forward-compatibility.
Our thinking is to release Images on all four platforms at the same time as Codebook 5.
We’re going to need to do some extensive beta testing for this feature. If you’d like to test Images in Codebook, getting early access to a really cool new feature and helping us ensure that it’s robust and performs well, please reach out and let us know.
Join the Discussion
Want to join in the conversation? We’d love to hear from you! Please stop by our community discussion site to keep up with what’s new and share your thoughts.
2020-11-06 07:00:00 -0500
We are pleased to announce that SQLCipher 4.4.1 is now available. It includes the following important changes:
SQLCipher Core
- Updates baseline to upstream SQLite 3.33.0
- Fixes double-free bug in
cipher_default_plaintext_header_size
- Changes SQLCipher tests to use suite runner
- Improvement to
cipher_integrity_check
tests to minimize false negatives
- Deprecates PRAGMA
cipher_store_pass
SQLCipher Commercial and Enterprise
A new benchmarking and performance test extension provides a way to perform comparative analysis between different encryption settings, application releases, SQLCipher versions, database designs, and queries. This new feature will prove useful to developers interested in optimizing their applications when using SQLCipher.
We are pleased to add official Linux native and .NET packages for the latest version of SQLCipher. These new packages contain full support for SQLCipher Commercial and Enterprise edition extensions like Value Level Encryption, Encrypted Virtual Tables, Performance Counters, and the new benchmarking feature.
SQLCipher’s cross-platform .NET based packages for Windows, macOS, Xamarin.iOS, Xamarin.Android, and Linux have now been updated to support the latest Microsoft.EntityFrameworkCore.Sqlite.Core 3 and Microsoft.Data.Sqlite.Core 3. The new minimum supported framework version for these SQLCipher packages is .NET Standard 2.x. Note that SQLCipher is now using SQLitePCLRaw 2.x. On UWP platforms, applications may need to call sqlite3_win32_set_directory()
explicitly using this version.
The SQLCipher for ADO.NET compatibility package for System.Data.Sqlite on Windows now requires .NET Framework 4.6 or higher.
SQLCipher for Windows Enterprise packages using a FIPS 140-2 validated cryptographic module have been updated to depend on Visual C++ 2015 redistributable runtime files. Customers using Zetetic’s special FIPS packages and upgrading to the new version must ensure installation of the proper runtime components alongside SQLCipher.
Availability
Commercial and Enterprise - On-demand access to new releases of SQLCipher packages are available to all licensees with an active support subscription from the Customer Downloads fulfillment site. Licensees will also receive a separate email notification regarding the update and can contact us at any time for private support directly from the SQLCipher development team.
Community Edition - SQLCipher 4.4.1 in source format is directly available on GitHub. The Community Edition of SQLCipher for Android is available via AAR packaging. The Community Edition of SQLCipher for iOS can be compiled from source or using CocoaPods.
2020-09-15 04:00:00 -0400
Since the introduction of the Sync Key to Codebook in version 4, we have heard from customers who are concerned about backing up the Sync Key and potentially having to manage a Sync Key separate from their Master Password, lest they lose access to all the critical passwords and other information they have stored in Codebook.
We can say with confidence that is definitely not the case, and we’d like to clarify how the Sync Key fits into Codebook, and when and why to keep a backup of it outside of Codebook. In addition, if you lose your Sync Key Backup, it won’t make your data inaccessible, because each copy of Codebook you sync with has a copy of the Sync Key.
First, it’s important to note that we haven’t replaced your Master Password with the Sync Key. Your Codebook data is still stored in a single file, encrypted with your Master Password. You can even take a backup of the single database file, and then restore it to a new computer, without any need for the Sync Key.
So where does the Sync Key come into play? It’s used to encrypt all your Sync data, the changes that are passed back and forth. Whether you are syncing with WiFi, a local folder, or a cloud service (i.e. Dropbox or Google Drive), that data is encrypted with your Sync Key instead of the Master Password.
The Sync Key is stored by Codebook in your encrypted database on your device. And because it’s required to add the Sync Key to every new device you setup (so that all your devices can encrypt and decrypt the sync changes), there’s a copy of the Sync Key in the encrypted Codebook database on every device you sync with.
If you were to delete Codebook from one of these devices, or you lost and replaced one of these devices you sync with, all you need to set up the new device is to set the master password, add the Sync Key from one of your other devices, and perform a Restore.
So why do we ask you to Backup the Sync Key?
Say you use Codebook on an Android phone and a Windows laptop, and you’ve got a Google Drive account that you sync with. Or, maybe you use Codebook exclusively on an iPhone and an iPad, or maybe just one iPhone and sync with Google Drive. This means there is a copy of your encrypted sync data up in Google Drive that you could restore from if you were to lose access to one of your devices. Now let’s say you lose access to all your devices at the same time, perhaps in a house fire or burglary. So, you buy a new device, download Codebook, and you want to restore your passwords and other data. The data is still available in Google Drive, but it’s encrypted with your Sync Key, which you no longer have access to.
That’s where the Sync Key Backup comes in: the catastrophic scenario where you lose every copy of Codebook, and thus every copy of your Sync Key, and the only copy of your data is encrypted in your cloud service, for instance, encrypted with your Sync Key. The Sync Key Backup allows you to restore your data from an encrypted remote to a new device after access to all your other devices have been lost.
If the prompts in Codebook to Backup Your Sync Key come on a little strong, that’s a result of our trying to do some due diligence to help ensure this unlikely and catastrophic scenario is not possible. We tried to make the Sync Key Backup feature flexible by offering more than one option for creating a hard copy backup (printing an encrypted QR Code, or writing down a Word List), and to allow those who would prefer not to maintain a physical backup to ignore the feature and go about their business.
Where should you store the Sync Key Backup?
If you do choose to backup the Sync Key, you’ll want to store it in a secure place, as a determined attacker could use it to decrypt any sync data you might have on a remote service, since that data is encrypted with the Sync Key. Where to store the Sync Key Backup is a personal decision that will have a different answer for everybody depending on their needs and circumstances, but it may help to know that you should only need the Sync Key Backup in rare and catastrophic circumstances. Without endorsing any option in particular, here are some ideas:
- A secure hiding place
- A fire-proof safe
- A bank deposit box
- With a trusted family friend
- A personal attorney
As always, if you have any questions about the Sync Key or any other feedback on Codebook, please get in touch.
2020-05-21 02:00:00 -0400
Yesterday we released an important update to Codebook, version 4.1.0, on Android, iOS, macOS, and Windows. The new version supports a new Sync Operation feature, and provides a ton of excellent adjustments, improvements, and bug fixes. We’ve got a run-down of the new Operations and a full listing of all changes to the apps available on the discussion forum.
Note: Customers on Codebook 4.0 who use Desktop WiFi sync must upgrade!
If you attempt to sync 4.0 with 4.1 over Desktop WiFi you will run into an error. Sorry about that, we had to update the WiFi protocol to support the new Operation feature.