iOS Application Security: The Definitive Guide for Hackers and Developers

  • 3h 49m
  • David Thiel
  • No Starch Press
  • 2016

Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.

After a crash course on iOS application structure and Objective-C design patterns, you’ll move on to spotting bad code and plugging the holes. You’ll learn about:

  • The iOS security model and the limits of its built-in protections
  • The myriad ways sensitive data can leak into places it shouldn’t, such as through the pasteboard
  • How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
  • Legacy flaws from C that still cause problems in modern iOS applications
  • Privacy issues related to gathering user data and how to mitigate potential pitfalls

Don’t let your app’s security leak become another headline. Whether you’re looking to bolster your app’s defenses or hunting bugs in other people’s code, iOS Application Security will help you get the job done well.

In this Book

  • Foreword
  • Introduction
  • The iOS Security Model
  • Objective-C for the Lazy
  • iOS Application Anatomy
  • Building Your Test Platform
  • Debugging with LLDB and Friends
  • Black-Box Testing
  • iOS Networking
  • Interprocess Communication
  • iOS-Targeted Web Apps
  • Data Leakage
  • Legacy Issues and Baggage from C
  • Injection Attacks
  • Encryption and Authentication
  • Mobile Privacy Concerns