Preventing me from reading data uploaded by my users to Firebase Database2019 Community Moderator ElectionHow to encrypt user data in Firebasehow to compare my contact with the contacts uploaded in firebase databaseEncrypt and decrypt a google Firebase realtime database entryFirebase upload multiple images in swiftFirebase check if phone number present already in the database from addressbookFirebase Client ( user ) contact form?Changing Firebase Database Rules from ApplicationGDPR & Firebase Realtime DataBase - Authentication and users identification: How to anonymize user data on firebase?Encrypt sensitive data with FirebaseEncrypt chat messages stored in Firebase Database
Humans have energy, but not water. What happens?
Why don't MCU characters ever seem to have language issues?
validation vs test vs training accuracy, which one to compare for claiming overfit?
What is the dot in “1.2.4."
Plywood subfloor won't screw down in a trailer home
How can I discourage/prevent PCs from using door choke-points?
How is the Swiss post e-voting system supposed to work, and how was it wrong?
"One can do his homework in the library"
What does it mean when multiple 々 marks follow a 、?
What is the likely impact on flights of grounding an entire aircraft series?
Want to switch to tankless, but can I use my existing wiring?
Rejected in 4th interview round citing insufficient years of experience
Running a subshell from the middle of the current command
What is the blue range indicating on this manifold pressure gauge?
What exactly is the purpose of connection links straped between the rocket and the launch pad
Do Bugbears' arms literally get longer when it's their turn?
Does splitting a potentially monolithic application into several smaller ones help prevent bugs?
Can "semicircle" be used to refer to a part-circle that is not a exact half-circle?
Can infringement of a trademark be pursued for using a company's name in a sentence?
Does Linux have system calls to access all the features of the file systems it supports?
What is the definition of "Natural Selection"?
Life insurance that covers only simultaneous/dual deaths
Welcoming 2019 Pi day: How to draw the letter π?
Best approach to update all entries in a list that is paginated?
Preventing me from reading data uploaded by my users to Firebase Database
2019 Community Moderator ElectionHow to encrypt user data in Firebasehow to compare my contact with the contacts uploaded in firebase databaseEncrypt and decrypt a google Firebase realtime database entryFirebase upload multiple images in swiftFirebase check if phone number present already in the database from addressbookFirebase Client ( user ) contact form?Changing Firebase Database Rules from ApplicationGDPR & Firebase Realtime DataBase - Authentication and users identification: How to anonymize user data on firebase?Encrypt sensitive data with FirebaseEncrypt chat messages stored in Firebase Database
So I have an app in which the user collects the contact details of other people (like name, phone, email etc).
When the details are collected I save them in Realm on the device and to Firebase Database so that his contacts are accessible when he changes devices.
My problem is that I can read all the details he uploads to the database and I want to prevent this from happening.
So I want only the user and no one else to be able to read the data he uploads.
So my question is: is there a way I can achieve it without encryption?
If it can't be achieved this way, then what's the easiest and best way to encrypt and decrypt those details?
I've read similar questions on SO and also tried searching articles but unfortunately I don't understand them. I have zero knowledge about encryption.
If my only option is encryption it would also be greatly appreciated if you could guide me in the right direction by providing SO answers, articles, tutorials whatever. Thanks!
ios swift firebase encryption
|
show 3 more comments
So I have an app in which the user collects the contact details of other people (like name, phone, email etc).
When the details are collected I save them in Realm on the device and to Firebase Database so that his contacts are accessible when he changes devices.
My problem is that I can read all the details he uploads to the database and I want to prevent this from happening.
So I want only the user and no one else to be able to read the data he uploads.
So my question is: is there a way I can achieve it without encryption?
If it can't be achieved this way, then what's the easiest and best way to encrypt and decrypt those details?
I've read similar questions on SO and also tried searching articles but unfortunately I don't understand them. I have zero knowledge about encryption.
If my only option is encryption it would also be greatly appreciated if you could guide me in the right direction by providing SO answers, articles, tutorials whatever. Thanks!
ios swift firebase encryption
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16
|
show 3 more comments
So I have an app in which the user collects the contact details of other people (like name, phone, email etc).
When the details are collected I save them in Realm on the device and to Firebase Database so that his contacts are accessible when he changes devices.
My problem is that I can read all the details he uploads to the database and I want to prevent this from happening.
So I want only the user and no one else to be able to read the data he uploads.
So my question is: is there a way I can achieve it without encryption?
If it can't be achieved this way, then what's the easiest and best way to encrypt and decrypt those details?
I've read similar questions on SO and also tried searching articles but unfortunately I don't understand them. I have zero knowledge about encryption.
If my only option is encryption it would also be greatly appreciated if you could guide me in the right direction by providing SO answers, articles, tutorials whatever. Thanks!
ios swift firebase encryption
So I have an app in which the user collects the contact details of other people (like name, phone, email etc).
When the details are collected I save them in Realm on the device and to Firebase Database so that his contacts are accessible when he changes devices.
My problem is that I can read all the details he uploads to the database and I want to prevent this from happening.
So I want only the user and no one else to be able to read the data he uploads.
So my question is: is there a way I can achieve it without encryption?
If it can't be achieved this way, then what's the easiest and best way to encrypt and decrypt those details?
I've read similar questions on SO and also tried searching articles but unfortunately I don't understand them. I have zero knowledge about encryption.
If my only option is encryption it would also be greatly appreciated if you could guide me in the right direction by providing SO answers, articles, tutorials whatever. Thanks!
ios swift firebase encryption
ios swift firebase encryption
edited Mar 6 at 17:10
rmaddy
244k27324386
244k27324386
asked Mar 6 at 17:08
chnskichnski
63
63
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16
|
show 3 more comments
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16
|
show 3 more comments
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55028599%2fpreventing-me-from-reading-data-uploaded-by-my-users-to-firebase-database%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55028599%2fpreventing-me-from-reading-data-uploaded-by-my-users-to-firebase-database%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow. So this question is off topic for this site. That being said, there's no need for encryption and it's unclear why you are using two different back-end databases, and why you're not using Firebase Rules to only allow that user to see their data.
– Jay
Mar 6 at 17:56
@Jay I'm sorry, I've only intended that question as a second additional one to my main question. So you're saying that I can deny myself access to the user data using Firebase Security Rules? Could you please explain how should I do that? Thank you.
– chnski
Mar 6 at 18:01
I included the link to Firebase Rules in my original comment - it explains how rules work and provides examples as well. If you are the creator of the App, and created a project in your Firebase console then you would have access to your projects settings and data through the console. Other than that, you could leverage rules to provide fine-grained access to any component within the data or no access at all.
– Jay
Mar 6 at 18:26
@Jay Well I've already read through that doc and set up the security rules in such a way that only the current user has access to his own data. This is all well and good, but my problem is that I, as the creator of the app, am able to read the user's data in the console. This is what I want to prevent.
– chnski
Mar 6 at 18:41
There's no way to block your own access in the console - which obviously wouldn't make sense as somebody has to have access. So then you looking at encoding all of your data which can be a significant performance hit (depending on implementation). Check out RNCryptor which works very well.
– Jay
Mar 6 at 20:16