Motivation

I’m a software engineer with almost 40 years of professional software development experience. Working initially with UNIX operating system internals, then working on a broad range of network and operating system related applications built on a variety of Unices. I live in Sydney, Australia.

My interests primarily are operating systems, network systems, infrastructure design, software quality management, software security and risks.

SamuraiSafe was written to satisfy two goals.

I was using a Java based password manager (Password Safe) which, whilst adequate, had some security issues, as the entire password file was decrypted and stored in memory whilst in use. Also being a non-native macOS application, it was slightly slow and clunky.

I also wished to learn Objective-C, Cocoa, Appkit (macOS) and UIKit (iOS).

SamuraiSafe is the result of satisfying those goals, whilst being a practical tool. I limited the scope to essential features, and standard frameworks:

  1. Binary (Atomic) Core Data is used for storage. Passwords and password entry data is only decrypted when required, to limit exposure of cleartext in memory.

  2. Data stored in SamuraiSafe is encrypted using the AES algorithm with a 256 bit key. Each element (i.e. every group, password entry or password) is separately encrypted and includes a secure hash (HMAC), so corruption of encrypted data is detected, and any such corruption has limited effect. The core encryption code is published on github.

  3. iCloud Drive can be used to synchronise between macOS and iOS instances. Surprisingly Apple don’t make sharing of Core Data documents over iCloud between iOS and Mac easy1.

I have added features based upon feedback and my own experience, however the philosophy is to keep it simple.

See design.samarama.net for discussion of some common convenience features of password managers (e.g. web browser plugins) and their problems.

I briefly experimented with a free and paid versions of the app, but realised I wouldn’t make much progress against well funded commercial products with marketing budgets. So I decided to keep maintaining the app as a hobby, as a convenience to anyone that finds it useful.

For further information, comments, complaints or requests please email michael@samarama.net

Michael Rourke

 

  1. UIManagedDocument on iOS directly supports iCloud, however NSPersistentDocument on Mac doesn’t.