Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.
After a crash course on iOS application structure and Objective-C design patterns, you'll move on to spotting bad code and plugging the holes. You'll learn about-
-The iOS security model and the limits of its built-in protections
-The myriad ways sensitive data can leak into places it shouldn't, such as through the pasteboard
-How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
-Legacy flaws from C that still cause problems in modern iOS applications
-Privacy issues related to gathering user data and how to mitigate potential pitfalls
Don't let your app's security leak become another headline. Whether you're looking to bolster your app's defenses or hunting bugs in other people's code, iOS Application Security will help you get the job done well.
Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.
After a crash course on iOS application structure and Objective-C design patterns, you'll move on to spotting bad code and plugging the holes. You'll learn about-
-The iOS security model and the limits of its built-in protections
-The myriad ways sensitive data can leak into places it shouldn't, such as through the pasteboard
-How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
-Legacy flaws from C that still cause problems in modern iOS applications
-Privacy issues related to gathering user data and how to mitigate potential pitfalls
Don't let your app's security leak become another headline. Whether you're looking to bolster your app's defenses or hunting bugs in other people's code, iOS Application Security will help you get the job done well.
Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.
After a crash course on iOS application structure and Objective-C design patterns, you'll move on to spotting bad code and plugging the holes. You'll learn about-
-The iOS security model and the limits of its built-in protections
-The myriad ways sensitive data can leak into places it shouldn't, such as through the pasteboard
-How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
-Legacy flaws from C that still cause problems in modern iOS applications
-Privacy issues related to gathering user data and how to mitigate potential pitfalls
Don't let your app's security leak become another headline. Whether you're looking to bolster your app's defenses or hunting bugs in other people's code, iOS Application Security will help you get the job done well.
Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.
After a crash course on iOS application structure and Objective-C design patterns, you'll move on to spotting bad code and plugging the holes. You'll learn about-
-The iOS security model and the limits of its built-in protections
-The myriad ways sensitive data can leak into places it shouldn't, such as through the pasteboard
-How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
-Legacy flaws from C that still cause problems in modern iOS applications
-Privacy issues related to gathering user data and how to mitigate potential pitfalls
Don't let your app's security leak become another headline. Whether you're looking to bolster your app's defenses or hunting bugs in other people's code, iOS Application Security will help you get the job done well.
Introduction
PART I: IOS FUNDAMENTALS
Chapter 1: The iOS Security Model
Chapter 2: Objective-C for the Lazy
Chapter 3: iOS Application Anatomy
PART II: SECURITY TESTING
Chapter 4: Building Your Test Platform
Chapter 5: Debugging with lldb and Friends
Chapter 6: Black-Box Testing
PART III: SECURITY QUIRKS OF THE COCOA API
Chapter 7: iOS Networking
Chapter 8: Interprocess Communication
Chapter 9: iOS-Targeted Web Apps
Chapter 10: Data Leakage
Chapter 11: Legacy Issues and Baggage from C
Chapter 12: Injection Attacks
PART IV: KEEPING DATA SAFE
Chapter 13: Encryption and Authentication
Chapter 14: Mobile Privacy Concerns
David Thiel has nearly 20 years of computer security experience. His research and book Mobile Application Security (McGraw-Hill) helped launch the field of iOS application security, and he has presented his work at security conferences like Black Hat and DEF CON. An application security consultant for years at iSEC Partners, Thiel now works for the Internet.org Connectivity Lab.
|
Ask a Question About this Product More... |
|
