Swsec on Hexploitable

Security updates in iOS 10

Fri, 24 Jun 2016 15:17:44 +0000

Apple recently announced iOS 10 which includes many security and privacy related changes. This article aims to talk about some of the significant changes since iOS 9.

Network Security

Since HTTP is a plaintext protocol and therefore creates inherent security and privacy concerns when used, Apple has now decided that it is finally time to start treating HTTPS as the de facto web protocol. At WWDC this year, Apple rightly pointed out that simply “enabling” HTTPS does not necessarily mean that you are secure. There are many ways in which HTTPS can be improperly configured resulting in the use of insecure connections.

Integrating Touch ID into your iOS applications

Mon, 03 Aug 2015 09:30:54 +0000

Image copyrights and trademarks belong exclusively to Apple.

What is Touch ID?

Simply put, Touch ID is Apple’s fingerprint technology for iOS mobile devices. It allows consumers to unlock their phones and make purchases conveniently using their fingerprint(s). Furthermore, as of iOS version 8.0, Apple opened Touch ID up to developers by making APIs available for use in the SDK.

Biometric opinions

This post assumes you have performed your own risk assessment and are aware of the risks associated with biometric authentication technologies, and that you have decided that Touch ID is suitable for use in your application.

Vulnerability Assessment Workshop

Thu, 20 Feb 2014 14:19:00 +0000

So I’ve been working on something pretty cool lately and I wanted to share some thoughts on it.

TL;DR - I’m currently delivering a vulnerability assessment workshop at multiple UK universities with the aim of providing a realistic full day workshop on finding vulnerabilities, engaging with clients, and explaining the issues & guidance in a way that can be easily understood by the client. If you have contacts with, or you represent a university, please do get in touch with me at hello@hexplo.it