Archive for February 4, 2013

Monday, February 4, 2013

Apple Doomed, According to News at 11

Adam C. Engst:

If I had to speculate, I’d say that Apple’s amazing success over the past five or six years has effectively blinded the company to these problems, or, to be more charitable, that the success has resulted in Apple prioritizing software quality behind hardware quality and predetermined ship dates, and in sticking with a set of App Store policies that no company in a less dominant position could ram down developers’ throats.

Properly Encrypting With AES With CommonCrypto

Rob Napier (via Jonathan Rentzsch):

First, you need to salt your key. That means adding random data to it so that if the same data is encrypted with the same password, the ciphertext will still be different. The key should then be hashed, so that the final result is the correct length. The correct way to do this is with PKCS #5 (PBKDF2).

[…]

OK, now you have a salt. What do you do with it? Save it with the ciphertext. You’ll need it later to decrypt. The salt is considered public information so you don’t need to protect it.

And now the mystical initialization vector (IV) that confuses everyone. In CBC-mode, each 16-byte encryption influences the next 16-byte encryption. This is a good thing. It makes the encryption much stronger. It’s also the default. The problem is, what about block 0? The answer is you make up a random block -1. That’s the IV.
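The steps quoted above (random salt, PBKDF2 key derivation, random IV, CBC mode) fit together as in the following added example, which is not code from Rob Napier's post. The salt size, round count, SHA-256 PRF, 256-bit key and the `salt || IV || ciphertext` layout are assumptions chosen for illustration, as are the function names.

```objective-c
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>
#import <CommonCrypto/CommonKeyDerivation.h>
#import <Security/Security.h>

// Illustrative parameters (assumptions, not values from the quoted post).
enum { kSaltSize = 16, kPBKDFRounds = 100000 };

// Stretch the password into a 256-bit AES key with PBKDF2 and the given salt.
static BOOL DeriveKey(NSString *password, const uint8_t *salt, uint8_t *key) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    return CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length, salt, kSaltSize,
                                kCCPRFHmacAlgSHA256, kPBKDFRounds,
                                key, kCCKeySizeAES256) == kCCSuccess;
}

// Returns salt || IV || ciphertext, or nil on failure.
NSData *EncryptWithPassword(NSData *plaintext, NSString *password) {
    uint8_t salt[kSaltSize], iv[kCCBlockSizeAES128], key[kCCKeySizeAES256];
    // Fresh random salt and IV for every message; both are public values.
    if (SecRandomCopyBytes(kSecRandomDefault, sizeof salt, salt) != errSecSuccess ||
        SecRandomCopyBytes(kSecRandomDefault, sizeof iv, iv) != errSecSuccess ||
        !DeriveKey(password, salt, key)) return nil;
    NSMutableData *out = [NSMutableData dataWithBytes:salt length:sizeof salt];
    [out appendBytes:iv length:sizeof iv];
    size_t header = out.length, moved = 0;
    // PKCS#7 padding can add up to one full block to the output.
    [out increaseLengthBy:plaintext.length + kCCBlockSizeAES128];
    // No kCCOptionECBMode flag, so CommonCrypto uses CBC (its default).
    CCCryptorStatus st = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                 key, sizeof key, iv, plaintext.bytes, plaintext.length,
                                 (uint8_t *)out.mutableBytes + header,
                                 out.length - header, &moved);
    if (st != kCCSuccess) return nil;
    out.length = header + moved;
    return out;
}

// Reads the salt and IV back out of the blob and reverses the steps above.
NSData *DecryptWithPassword(NSData *blob, NSString *password) {
    size_t header = kSaltSize + kCCBlockSizeAES128, moved = 0;
    if (blob.length < header) return nil;
    const uint8_t *salt = blob.bytes, *iv = salt + kSaltSize;
    uint8_t key[kCCKeySizeAES256];
    if (!DeriveKey(password, salt, key)) return nil;
    NSMutableData *out = [NSMutableData dataWithLength:blob.length - header];
    CCCryptorStatus st = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                 key, sizeof key, iv, salt + header, blob.length - header,
                                 out.mutableBytes, out.length, &moved);
    if (st != kCCSuccess) return nil;
    out.length = moved;
    return out;
}
```

Encrypting the same plaintext twice with the same password yields different output each time, because both the salt and the IV are regenerated. CBC by itself provides no integrity protection, and this example does not authenticate the ciphertext.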

Duncan Jones Live-Tweets “Source Code”

Duncan Jones (via Jonathan Poritsky):

Asked who actually uses Bing.......... people who want money to make their movie look better use Bing. ;)

ListBook/BudgetBook and Core Data iCloud Sync

noidentity (via Daniel Pasco):

So after one year of fighting and trouble we have decided to remove iCloud from ListBook in the next version and wait until Apple shows us a working solution. The same thing with BudgetBook. The new iPad and iPhone apps are 98% finished but we can’t release them because the sync doesn’t work.

S3-Uploader

Jonathan Wight’s S3-Uploader project shows how to upload to Amazon S3 directly without exposing an AWS_SECRET_ACCESS_KEY to your clients:

Sample Python and Objective-C showing how to upload to Amazon S3 without uploading through an intermediate web-service. The basic theory is explained here.

Project consists of a sample Python Flask-based server app (suitable for hosting on Heroku) that hosts a simple upload form that uploads files directly to Amazon S3.