iOS application security
- Type
- Slides
- Tags
- iPhone, secure development
- Authors
- Ilja van Sprundel
- Event
- Chaos Communication Camp 2011
- Indexed on
- Mar 27, 2013
- URL
- http://events.ccc.de/camp/2011/Fahrplan/attachments/1846_SECURE_iOS_APPS_LOGIN.pdf
- File name
- 1846_SECURE_iOS_APPS_LOGIN.pdf
- File size
- 846.8 KB
- MD5
- df362580b24fec26cb2238e382bd7c53
- SHA1
- 9172e8c35a25169d9e4b506fb593fc8d74d0d116
Over the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. It will cover the use of specific APIs, why some of them aren't granular enough, and why they might expose way too much attack surface. The talk will cover ssl, xml, url handling, UIWebViews and more. Furthermore, it will also cover what apps are allowed to do when inside their sandbox once an application has been hacked.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
