从iOS 9开始,Apple决定阻止sysctl,它提供了一系列正在运行的进程(https://developer.apple.com/videos/wwdc/2015/?id=703)。
在搜索私有API之后,我找到了一个名为“THIRDPartyApps”的类,它看起来正是我所需要的(进程名称和WiFi和WWAN中的数据使用)。 但是,我不知道如何检索THIRDPartyApps列表。
有人知道它是如何运作的吗?
编辑:
通过Symbolication.framework 2类找到:VMUProcList& VMUProcInfo。 在第一个中,有一个名为allProcInfos的方法返回VMUProcInfo的NSArray。
适用于7.1.2设备(我认为它在8.X设备上也能正常工作)但在iOS 9设备上不再有效。我在控制台中有一个漂亮的错误:
调用sysctl以获取进程列表缓冲区大小失败:不允许操作
答案 0 :(得分:3)
我刚刚观看了WWDC 2015关于安全和隐私的会议,并汇总了一些关于iOS 9带来的变化的说明,我认为这些变化很有意思。 App Transport Security
这是一个很大的问题:默认情况下,在iOS 9上,将不再允许应用程序启动纯文本HTTP连接,并且需要使用具有最强TLS配置的HTTPS(TLS 1.2和PFS密码套件):
通过向App的Info.plist添加一些配置键,可以解除这些限制并仍然通过纯文本HTTP检索数据。此外,App Transport Security似乎仅适用于使用NSURLSession启动的连接。虽然不推荐使用NSURLConnection(强制每个人都切换到HTTP的NSURLSession),但我想知道通过其他网络API(例如NSStream)启动的纯文本连接是否也会失败。
整体上发生了很大的变化,这甚至可能是强制HTTPS作为App Store政策一部分的第一步。 检测已阻止的已安装应用
Apple已经关闭了三个隐私空白,允许应用程序检测设备上安装了哪些其他应用程序。
The first technique was to use the sysctl() function to retrieve the process table (a remnant of OS X), which includes the list of running Apps. In iOS 9, sysctl() was modified to no longer allow sandboxed Apps to retrieve information about other running processes.
The second technique relied on the UIApplication canOpenUrl method to try known URI schemes implemented by specific Apps, in order to detect if these Apps were installed on the device. This was made famous by Twitter, which used a list of 2500 URI schemes to detect which Apps were installed on the device. In iOS 9, Apps have to explicitly declare which schemes they would like to use in their Info.plist file. For Apps targeting iOS 8 but running on an iOS 9 device, there is also a hard limit of 50 URI schemes that can be checked at most.
There was a third technique which relied on the icon cache being accessible to sandboxed Apps. Although it wasn’t even mentionned in the WWDC video, this privacy leak has also been addressed in iOS 9.
总体而言,缩小这些隐私差距对用户来说是一个很好的举措,因为这些API被各种应用和分析/广告SDK滥用。