Security Spy iOS App
Having two different locations where I use SS I noticed that when I have multiple servers configured for the app that if I do a long press on a configured server that it will give me a pop up window that will let me connect, sign out, or delete the server from the iOS app. I also noticed that it shows two separate addresses along with port numbers... it shows me a name.local:8000 address and also the DNS name of name.viewcam.me:8000 ....
So the question is... is the app able to determine whether the SS server is currently local to the iOS device running the app and uses the local network name and if it's not on the same network then does it then go on to try the DNS name internet address ?
I am hoping the above is what is happening... and then I'm also hoping you can point me to how I can do the same thing for an app that I'm working on. I want to know if I can access it via the local address or will I be going on the internet DNS route to get there.
So the question is... is the app able to determine whether the SS server is currently local to the iOS device running the app and uses the local network name and if it's not on the same network then does it then go on to try the DNS name internet address ?
I am hoping the above is what is happening... and then I'm also hoping you can point me to how I can do the same thing for an app that I'm working on. I want to know if I can access it via the local address or will I be going on the internet DNS route to get there.
Comments
I'm happy to answer any other questions you might have. Good luck with your app!
I found that their new app resembles their old one and I find it cartoonish. My solution is going to be that I recommend users only configure for local network access. If they want to use it over a WAN then they need a VPN. I took a Raspberry Pi, and have an IPSec server running on it. I’m now adding to my app so that you can configure the VPN credentials needed and WAN address.
I have been able to run my app and if the local address is not available then it will attempt to start a VPN connection and open a connection. It’s working really well. The new networking Apple has given us is great. No more third party libraries for network connections. Especially for connecting to socket based servers.
This lets me have a truly dynamic connection to the HomeSeer system and have everything encrypted over the internet.
I’m thinking to do the same sort of DNS like you do... the hosting service you use is very affordable. The question is do I build and sell the VPN device or just post a prebuilt image and let people have it... or offer both. So many decisions to make. This is what bored retired software engineers do... I probably should just buy a Z Wave SDK license and write my own gateway hub. But that gets expensive fast.
Provided that your LAN itself is reasonably secure (e.g. no open WiFi or weak passwords etc.) then I agree that unencrypted connections within the LAN are basically fine for most purposes. However users are becoming more and more security-conscious, and encryption for all connections is becoming the expected norm.
For WAN access, you could look at ngrok - it's simple, effective and secure. It may be a good alternative to a VPN, and wouldn't require you to set up a DDNS service.
In any case it sounds like you have a fun project on your hands!