E-book
Author Thiel, David, 1980- author.

Title IOS application security : the definitive guide for hackers and developers / by David Thiel
Published San Francisco, CA : No Starch Press, [2016]
©2016

Description 1 online resource (1 volume) : illustrations
Contents About the Author ; About the Technical Reviewer ; Brief Contents ; Contents in Detail ; Foreword by Alex Stamos ; Acknowledgments ; Introduction ; Who This Book Is For ; What's in This Book ; How This Book Is Structured ; Conventions This Book Follows ; A Note on Swift ; Mobile Security Promises and Threats ; What Mobile Apps Shouldn't Be Able to Do ; Classifying Mobile Security Threats in This Book ; Some Notes for iOS Security Testers ; Part I: iOS Fundamentals ; Chapter 1: The iOS Security Model ; Secure Boot ; Limiting Access with the App Sandbox
Data Protection and Full-Disk Encryption ; The Encryption Key Hierarchy ; The Keychain API ; The Data Protection API ; Native Code Exploit Mitigations: ASLR, XN, and Friends ; Jailbreak Detection ; How Effective Is App Store Review? ; Bridging from WebKit ; Dynamic Patching ; Intentionally Vulnerable Code ; Embedded Interpreters ; Closing Thoughts ; Chapter 2: Objective-C for the Lazy ; Key iOS Programming Technology ; Passing Messages ; Dissecting an Objective-C Program ; Declaring an Interface ; Inside an Implementation File ; Specifying Callbacks with Blocks ; How Objective-C Manages Memory
Automatic Reference Counting ; Delegates and Protocols ; Should Messages ; Will Messages ; Did Messages ; Declaring and Conforming to Protocols ; The Dangers of Categories ; Method Swizzling ; Closing Thoughts ; Chapter 3: iOS Application Anatomy ; Dealing with plist Files ; Device Directories ; The Bundle Directory ; The Data Directory ; The Documents and Inbox Directories ; The Library Directory ; The tmp Directory ; The Shared Directory ; Closing Thoughts ; Part II: Security Testing ; Chapter 4: Building Your Test Platform ; Taking Off the Training Wheels ; Suggested Testing Devices
Testing with a Device vs. Using a Simulator ; Network and Proxy Setup ; Bypassing TLS Validation ; Bypassing SSL with stunnel ; Certificate Management on a Device ; Proxy Setup on a Device ; Xcode and Build Setup ; Make Life Difficult ; Enabling Full ASLR ; Clang and Static Analysis ; Address Sanitizer and Dynamic Analysis ; Monitoring Programs with Instruments ; Activating Instruments ; Watching Filesystem Activity with Watchdog ; Closing Thoughts ; Chapter 5: Debugging with lldb and Friends ; Useful Features in lldb ; Working with Breakpoints ; Navigating Frames and Variables
Visually Inspecting Objects ; Manipulating Variables and Properties ; Breakpoint Actions ; Using lldb for Security Analysis ; Fault Injection ; Tracing Data ; Examining Core Frameworks ; Closing Thoughts ; Chapter 6: Black-Box Testing ; Installing Third-Party Apps ; Using a .app Directory ; Using a .ipa Package File ; Decrypting Binaries ; Launching the debugserver on the Device ; Locating the Encrypted Segment ; Dumping Application Memory ; Reverse Engineering from Decrypted Binaries ; Inspecting Binaries with otool ; Obtaining Class Information with class-dump
Summary iOS Application Security covers everything you need to know to design secure iOS apps from the ground up and keep users' data safe
Whether you're looking to bolster your app's defenses or hunting bugs in other people's code, this expert guide reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them. -- Edited summary from book
Notes Includes index
Print version record
SUBJECT iOS (Electronic resource) http://id.loc.gov/authorities/names/n2010039603
iOS (Electronic resource) fast
Subject Mobile computing -- Security measures
iPhone (Smartphone) -- Mobile apps -- Security measures
iPad (Computer) -- Security measures
Application software -- Development.
Objective-C (Computer program language)
COMPUTERS -- Computer Literacy.
COMPUTERS -- Computer Science.
COMPUTERS -- Data Processing.
COMPUTERS -- Hardware -- General.
COMPUTERS -- Information Technology.
COMPUTERS -- Machine Theory.
COMPUTERS -- Reference.
Application software -- Development
Objective-C (Computer program language)
Form Electronic book
ISBN 9781593277543
1593277547
9781593276010
159327601X
9781457198830
1457198835