iossecurity

Application Transport Security Since HTTP is a plaintext protocol and therefore creates inherent security and privacy concerns when used by applications - Apple has decided that it is finally time to start treating the secure alternative, HTTPS, as the de facto web protocol for iOS mobile apps. At WWDC this year, Apple rightly pointed out that simply “enabling” HTTPS does not necessarily mean that you are secure. There are many ways in which HTTPS can be improperly configured resulting in the use of insecure connections. »

Apple recently announced iOS 10 which includes many security and privacy related changes. This article aims to talk about some of the significant changes since iOS 9. Network Security Since HTTP is a plaintext protocol and therefore creates inherent security and privacy concerns when used, Apple has now decided that it is finally time to start treating HTTPS as the de facto web protocol. At WWDC this year, Apple rightly pointed out that simply “enabling” HTTPS does not necessarily mean that you are secure. »

So recently I made a couple of minor contributions to online iOS tools. Whilst the contributions are tiny, it was my first experience of actually submitting merge requests to other tools. For this reason I thought I’d share them with you. 1. ipainstaller One of the changes introduced in iOS 8 was that applications are laid out differently on the device. Essentially, the application exists as multiple containers spread out across the /private/var/mobile/ directory. »

Image copyrights and trademarks belong exclusively to Apple. #What is Touch ID? Simply put, Touch ID is Apple’s fingerprint technology for iOS mobile devices. It allows consumers to unlock their phones and make purchases conveniently using their fingerprint(s). Furthermore, as of iOS version 8.0, Apple opened Touch ID up to developers by making APIs available for use in the SDK. ###Biometric opinions This post assumes you have performed your own risk assessment and are aware of the risks associated with biometric authentication technologies, and that you have decided that Touch ID is suitable for use in your application. »

#Improvements to MEMSCAN. First off, I want to say that I was pretty overwhelmed with the volume of attention MEMSCAN received when I initially blogged about it a little while ago. I really didn’t think it was that big of a deal. I started MEMSCAN for two reasons - there wasn’t anything out there which did /exactly/ what I wanted it to do and also because I wanted to move beyond reading C to actually trying to write some C of my own. »