Designing a Secure Cocoa App

A presentation I delivered to NSConference 2009, on security principles for Cocoa developers to follow.

Published in: Technology

  1. 1. Building a secure Cocoa application Graham Lee (@iamleeg)
  2. 2. MOAB - Jan 2007 (pie chart; segments: OS, Apple apps, Other apps; values: 27%, 47%, 27%). Source - http://projects.info-pull.com/moab/
  3. 3. Principles (diagram labels: c², a², b²)
  4. 4. What is a threat?
  5. 5. What is a threat?
  6. 6. What is a threat?
  7. 7. What is a threat?
  8. 8. Who is the misuser?
  9. 9. Who is the misuser?
  10. 10. Who is the misuser? What’s my motivation??
  11. 11. Who is the misuser? What’s my motivation?? How risk-averse am I?
  12. 12. Who is the misuser? What’s my motivation?? How risk-averse am I? What skills and resources can I use?
  13. 13. Assets
  14. 14. Assets
  15. 15. Assets
  16. 16. Assets
  17. 17. Assets
  18. 18. Assets credit: freefoto.com
  19. 19. C I A
  20. 20. Confidentiality I A
  21. 21. Confidentiality Integrity A
  22. 22. Confidentiality Integrity Availability
  23. 23. I’m sorry, Dave…
  24. 24. I’m sorry, Dave… • We remember -rwxrwxrwx
  25. 25. I’m sorry, Dave… • We remember -rwxrwxrwx • What about “group:everyone deny delete”?
  26. 26. Keychain
  27. 27. Keychain • Secure storage…
  28. 28. Keychain • Secure storage… • …with access control!
  29. 29. Keychain • Secure storage… • …with access control! • Really simple API (simpler on iPhone :P)
  30. 30. Keychain • Secure storage… • …with access control! • Really simple API (simpler on iPhone :P) • SecKeychainFindInternetPassword()
  31. 31. Keychain • Secure storage… • …with access control! • Really simple API (simpler on iPhone :P) • SecKeychainFindInternetPassword() • Even protects against “cold boot”* (*http://citp.princeton.edu/memory/)
  32. 32. Keychain • Secure storage… • …with access control! • Really simple API (simpler on iPhone :P) • SecKeychainFindInternetPassword() • Even protects against “cold boot”* • …if used carefully (*http://citp.princeton.edu/memory/)
  33. 33. my secret password my secret password my secret password
  34. 34. Confidentiality Integrity Availability
  35. 35. How to sign code
  36. 36. How to sign code Erm, that’s it.
  37. 37. Confidentiality Integrity Availability
  38. 38. launchd
  39. 39. launchd • pretty sweet (on 10.5)
  40. 40. launchd • pretty sweet (on 10.5) • somewhat sweet on 10.4
  41. 41. launchd • pretty sweet (on 10.5) • somewhat sweet on 10.4 • 10.3 still exists?!?
  42. 42. launchd • pretty sweet (on 10.5) • somewhat sweet on 10.4 • 10.3 still exists?!? • check out <key>KeepAlive</key> for watchdog-related goodness, in launchd.plist(5)
  43. 43. Exercise 1 :-)
  44. 44. Exercise 1 :-)
  45. 45. S T R I D E
  46. 46. Spoofing T R I D E
  47. 47. Spoofing Tampering R I D E
  48. 48. Spoofing Tampering Repudiation I D E
  49. 49. Spoofing Tampering Repudiation Information leak D E
  50. 50. Spoofing Tampering Repudiation Information leak Denial of Service E
  51. 51. Spoofing Tampering Repudiation Information leak Denial of Service Elevation of Privilege
  52. 52. Authorisation Services
  53. 53. Authorisation Services SFAuthorizationView
  54. 54. Authorisation Services SFAuthorizationView
  55. 55. Authorisation Services SFAuthorizationView
  56. 56. Authorisation Services SFAuthorizationView AuthorizationRights
        <key>system.preferences.accounts</key>
        <dict>
            <key>allow-root</key>
            <true/>
            <key>class</key>
            <string>user</string>
            <key>comment</key>
            <string><!-- … --></string>
            <key>group</key>
            <string>admin</string>
            <key>shared</key>
            <false/>
        </dict>
  57. 57. Demo c a
  58. 58. ?
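
Slides 30 to 33 name SecKeychainFindInternetPassword() and say the cold-boot protection holds only "if used carefully", next to a slide repeating "my secret password" three times. The following is an added example, not code from the presentation, and it assumes that warning is about leaving extra plaintext copies of the password in process memory; the helper names, "example.com" and "alice" are hypothetical.

```objective-c
// Added example, not from the slides.
// Build: clang demo.m -framework Foundation -framework Security
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#include <string.h>

// Overwrite a buffer through a volatile pointer so the stores are not optimised away.
static void WipeBytes(void *buffer, size_t length) {
    volatile unsigned char *p = buffer;
    while (length--) { *p++ = 0; }
}

// Hypothetical helper: fetch the password, lend it to `use`, then wipe and free it.
// The bytes are NOT NUL-terminated; always pass the length along with the pointer.
static OSStatus WithInternetPassword(const char *server, const char *account,
                                     void (*use)(const void *bytes, UInt32 length)) {
    UInt32 length = 0;
    void *data = NULL;
    OSStatus status = SecKeychainFindInternetPassword(
        NULL,                                 // search the default keychain list
        (UInt32)strlen(server), server,
        0, NULL,                              // no security domain
        (UInt32)strlen(account), account,
        0, NULL,                              // no path
        0,                                    // no specific port
        kSecProtocolTypeHTTPS, kSecAuthenticationTypeDefault,
        &length, &data,
        NULL);                                // item reference not needed
    if (status != errSecSuccess) {
        return status;                        // e.g. errSecItemNotFound or access denied
    }
    use(data, length);
    WipeBytes(data, length);                  // clear our plaintext copy before release
    SecKeychainItemFreeContent(NULL, data);
    return status;
}

// Constructed consumer: it would authenticate with the bytes in place. It avoids
// NSString/NSData, whose immutable copies cannot be wiped afterwards.
static void Login(const void *bytes, UInt32 length) {
    (void)bytes; (void)length;
    NSLog(@"password available; use it here without copying");
}

int main(void) {
    @autoreleasepool {
        // "example.com" and "alice" are constructed sample values.
        OSStatus status = WithInternetPassword("example.com", "alice", Login);
        if (status != errSecSuccess) { NSLog(@"keychain lookup failed: %d", (int)status); }
    }
    return 0;
}
```

SecKeychainFindInternetPassword() is the API the slides name; on current macOS it is deprecated in favour of SecItemCopyMatching(), where the same wipe-after-use discipline applies.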