[英]Detect/Stop Spoofing of Location possible in iOS sdk?
I am having an application in which users need to visit particular locations.我有一个应用程序,用户需要在其中访问特定位置。 When users are nearby to this location a form is being open to fill.
当用户在此位置附近时,将打开一个表单以供填写。 I have doubt that some users are spoofing their current locations(using any other application) and filling form at their home.
我怀疑某些用户是否在欺骗他们当前的位置(使用任何其他应用程序)并在家中填写表格。 Means fooling to my application.
意味着愚弄我的应用程序。
I searched on Apple store and there is no application available for GPS spoofing or the application which can spoof location coordinates for other application in the iOS device.我在 Apple Store 上搜索过,没有可用于 GPS 欺骗的应用程序或可以为 iOS 设备中的其他应用程序欺骗位置坐标的应用程序。
I googled it and found that spoofing is possible on Jailbroken devices and some applications are available on Cydia store like "akLocationX", "Fake Location" etc. Below is the article on the same.我在谷歌上搜索,发现越狱设备上可能存在欺骗行为,Cydia 商店中提供了一些应用程序,例如“akLocationX”、“Fake Location”等。下面是相同的文章。
http://www.addictivetips.com/ios/easily-fake-iphone-current-location-aklocationx/ http://www.additivetips.com/ios/easily-fake-iphone-current-location-aklocationx/
Could anyone help me, how can I stop this location spoofing on Jailbroken devices?任何人都可以帮助我,如何在越狱设备上阻止此位置欺骗?
Based on another StackOverflow question ( Identify jailbroken device from iOS application ), you can detect if your app is running with some known jailbreak tools, and take an alternate code path, such as disabling that part of your app (but do not exit or crash your app, as that may cause your app to fail AppStore testing). 根据另一个StackOverflow问题( 识别来自iOS应用程序的越狱设备 ),您可以检测您的应用程序是否与某些已知的越狱工具一起运行,并采用备用代码路径,例如禁用应用程序的该部分(但不要退出或崩溃)您的应用程序,因为这可能会导致您的应用程序无法通过AppStore测试)。
As for always getting the real location, you can't really - your app can only run in the environment it has - if the environment is a jailbroken iPhone, and a hack running in that environment causes the geolocation api to report its location is on Tattooine or Atlantis, then thats what your app will get. 至于总是得到真实的位置,你真的不能 - 你的应用只能在它拥有的环境中运行 - 如果环境是越狱的iPhone,并且在该环境中运行的黑客导致地理位置api报告其位置是纹身或亚特兰蒂斯,这就是你的应用程序将得到的。 Next best option is to try detecting jailbroken devices (as above) and change your app's behaviour.
下一个最佳选择是尝试检测越狱设备(如上所述)并更改应用程序的行为。
To spoof a location, it's not even needed to jailbreak the device. 为了欺骗一个位置,甚至不需要越狱设备。 It can be simply done in Xcode by running an app with a simulated location.
它可以通过运行具有模拟位置的应用程序在Xcode中完成。 I don't think it makes sense to detect this spoofing in the first place.
我认为首先检测这种欺骗是不合理的。
The other posters are correct, one great way to check is to verify if the device is jailbroken. 其他海报是正确的,一个很好的检查方法是验证设备是否越狱。
But, even if the device isn't jailbroken, it is still possible to fake the GPS location with a nearby GPS transmitter. 但是,即使设备没有越狱,仍然可以使用附近的GPS发射器伪造GPS位置。 So let's assume (although it is highly unlikely), that your user has this.
因此,我们假设(尽管不太可能),您的用户就是这样。
Technically, it is possible to detect if the GPS location is fake or not. 从技术上讲,可以检测GPS位置是否是假的。 However, your ability to do so is dependent on if the person faked other information as well such as nearby Wifi networks, or their external IP (such as using a VPN).
但是,您这样做的能力取决于此人是否伪造了其他信息,例如附近的Wifi网络或其外部IP(例如使用VPN)。
Reference: GPS Jamming Devices 参考: GPS干扰设备
You can detect the wireless networks nearby and then lookup their locations and compare that to the one reported by your GPS. 您可以检测附近的无线网络,然后查找其位置并将其与GPS报告的位置进行比较。 There are a couple of issues however.
但是有几个问题。
Keep In Mind 记住
References: 参考文献:
You can connect to an online service which returns your location information based on your IP. 您可以连接到在线服务,该服务根据您的IP返回您的位置信息。 You can then compare this to the GPS location which you were provided.
然后,您可以将其与您提供的GPS位置进行比较。
This will get through the app store review process, however... 这将通过应用商店审核流程,但是......
Keep In Mind 记住
References: 参考文献:
This is a tricky issue. 这是一个棘手的问题。 It is unlikely to be able to prevent spoofing 100% because it is up to the client to inform the server their location.
它不太可能100%防止欺骗,因为客户端可以通知服务器他们的位置。
There is one way to reduce the spoofing (not eliminate it completely) by validating the IP address of users with geolocation database in the server. 通过验证服务器中具有地理位置数据库的用户的IP地址,有一种方法可以减少欺骗(不能完全消除欺骗)。 You can make sure the user is really based in a city.
您可以确保用户确实位于城市中。
Sounds scary for an app :) 一个应用听起来很可怕:)
Anyway, there is now a proper way of dealing with this: iBeacon (dev doc here ). 无论如何,现在有一个正确的方法来解决这个问题: iBeacon (dev doc here )。
The basic principle is this: 基本原则是这样的:
CLBeaconRegion
to monitor the proximity to these beacons (the beacons use Bluetooth Low Energy to communicate with the iOS device) CLBeaconRegion
监控这些信标的距离(信标使用蓝牙低功耗与iOS设备通信) Starting from iOS 15 Apple provided a public API to address this challenge.从 iOS 15 开始,Apple 提供了一个公共 API 来应对这一挑战。
CLLocation
exposes its source in a property called sourceInformation of type CLLocationSourceInformation
CLLocation
在类型为CLLocationSourceInformation
名为sourceInformation的属性中公开其源
And, CLLocationSourceInformation has a property called isSimulatedBySoftware
并且, CLLocationSourceInformation有一个名为
isSimulatedBySoftware
的属性
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.