I’m a software engineer with over 40 years of professional software development experience. Working with UNIX operating system internals, and a broad range of network and operating system related applications built on a variety of Unices. I live in Sydney, Australia.
My interests primarily are operating systems, network systems, infrastructure design, software quality management, software security and risks.
SamuraiSafe was written to satisfy two goals.
In 2011 I was using a Java based password manager (Password Safe) which, whilst adequate, had some security issues, as the entire password file was decrypted and stored in memory whilst in use. Also as a non-native macOS application, it was slow and slightly clunky.
I wanted to learn Objective-C, Cocoa, Appkit (macOS) and UIKit (iOS).
SamuraiSafe is the result of satisfying those goals, whilst being a practical tool. First Apple App store releases for iOS/macOS were in 2013.
I limited the scope to essential features, and standard Apple frameworks:
Core Data is used for storage. Passwords and password entry data is only decrypted when required, to limit exposure of cleartext in memory.
Data objects stored in SamuraiSafe are encrypted using the AES algorithm with a 256 bit key. Each element (i.e. every group, password entry or password) is separately encrypted and includes a secure hash (HMAC), so corruption of encrypted data is detected, and any such corruption has limited effect. The core encryption code is published on github.
I have added features based upon feedback and my own experience, however the philosophy is to keep it simple.
See design.samarama.net for discussion of some common convenience features of password managers (e.g. web browser plugins) and their problems.
I maintain the app as a hobby, for my own needs, and as a convenience to anyone who finds it useful.
Samurai Search is my first SwiftUI/Swift app, and when first released seemed to satisfy a niche market need.
I appreciate feedback, and I’m happy to help if you need it. Please email firstname.lastname@example.org