A presentation of some of the security features and APIs in iPhone OS, allowing discussion of the threat model underlying Apple's chosen mitigation technology.
- The document discusses cryptographic storage for smartphone data, specifically the aescrypt format and software which allows encrypted storage of secret files on phones and across backups.
- Aescrypt uses a randomly generated initialization vector and password hashes to encrypt the bulk of files with AES-256, and includes metadata and integrity checks without revealing secret information.
- The key derived from hashing the password is used to encrypt an actual encryption key, to provide an additional layer of protection in case the derived key is compromised.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help alleviate symptoms of mental illness and boost overall mental well-being.
Taking a Test Drive: iOS Dev UK guide to TDDGraham Lee
The document discusses test-driven development (TDD) and how it can be used to write iOS apps. Some key points:
- TDD aims to validate code behavior, discover defects early, verify fixes, and detect regressions by writing tests before code.
- Unit tests validate individual classes and components, while integration, system, and acceptance tests validate how pieces work together.
- Practicing TDD results in code that is easier to test (small focused classes/methods with few side effects) and design that is more modular.
- Fake objects and mocks can be used to test components that interact with external systems by isolating their behavior.
- Overall, TDD promotes a test
The document discusses patterns and techniques for writing cross-platform Objective-C code. It describes using a strategy pattern to abstract platform-specific code behind a common interface. Classes like O2LPerson would delegate platform-specific behavior to subclasses like O2LPersonStrategyMac and O2LPersonStrategyiOS. It also provides examples of checking for features at runtime through techniques like responding to selectors, class existence checks, and dlopen.
- The document discusses cryptographic storage for smartphone data, specifically the aescrypt format and software which allows encrypted storage of secret files on phones and across backups.
- Aescrypt uses a randomly generated initialization vector and password hashes to encrypt the bulk of files with AES-256, and includes metadata and integrity checks without revealing secret information.
- The key derived from hashing the password is used to encrypt an actual encryption key, to provide an additional layer of protection in case the derived key is compromised.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help alleviate symptoms of mental illness and boost overall mental well-being.
Taking a Test Drive: iOS Dev UK guide to TDDGraham Lee
The document discusses test-driven development (TDD) and how it can be used to write iOS apps. Some key points:
- TDD aims to validate code behavior, discover defects early, verify fixes, and detect regressions by writing tests before code.
- Unit tests validate individual classes and components, while integration, system, and acceptance tests validate how pieces work together.
- Practicing TDD results in code that is easier to test (small focused classes/methods with few side effects) and design that is more modular.
- Fake objects and mocks can be used to test components that interact with external systems by isolating their behavior.
- Overall, TDD promotes a test
The document discusses patterns and techniques for writing cross-platform Objective-C code. It describes using a strategy pattern to abstract platform-specific code behind a common interface. Classes like O2LPerson would delegate platform-specific behavior to subclasses like O2LPersonStrategyMac and O2LPersonStrategyiOS. It also provides examples of checking for features at runtime through techniques like responding to selectors, class existence checks, and dlopen.
Securing the Web without site-specific passwordsFrancois Marier
Identity systems on the Web are a bit of a mess. Surely in 2013, we would have something else than usernames and passwords for logging into websites. A solution that doesn't require trusting a central authority.
It turns out that solving the general identity problem is very hard. Some of these solutions require complicated redirections, an overwhelming amount of jargon and lots of verbose XML. The technology has been around for a long time, but implementing it properly (and safely) is often incredibly difficult.
This talk will explore the challenges of the existing Web identity solutions and introduce the choices that we made during the development of Persona, a new cross-browser federated identity solution from Mozilla.
It will cover:
- a discussion of the complexities and privacy-related concerns that existing identity solutions have
- how crypto is used in Persona to provide both authentication and privacy
- the Persona federation approach: fully distributed with fallbacks
- demos and actual code from sites that have implemented Persona
- the basics of the Persona API so that attendees can go out and easily support this technology on their own sites
Trying to convince users to pick unique (and strong) passwords for each website is a losing battle. What we're proposing is a standard, built into browsers, that leverages the new security features that email providers are now offering. A simple federated solution to eliminate site-specific passwords.
Optimize Your SaaS Offering with Serverless Microservices (GPSTEC405) - AWS r...Amazon Web Services
In this hands-on session, we crack open the IDE and transform a SaaS web app comprised of several monolithic single-tenant environments into an efficient, scalable, and secure multi-tenant SaaS platform using ReactJS and NodeJS serverless microservices. We use Amazon API Gateway and Amazon Cognito to simplify the operation and security of the service’s API and identity functionality. We enforce tenant isolation and data partitioning with OIDC’s JWT tokens. We leverage AWS SAM and AWS Amplify to simplify authoring, testing, debugging, and deploying serverless microservices, keeping operational burden to a minimum, maximizing developer productivity, and maintaining a great developer experience.
How can you authenticate without authentication? Is there another way to perform authentication?
Those are the slides for a talk I gave at OWASP AppSec Israel.
This document summarizes Amazon Rekognition, Amazon's machine learning service for image and video analysis. It provides an overview of Rekognition's capabilities for image analysis including object detection, facial analysis, and text recognition. For video, it describes object/scene detection, activity recognition, person tracking, face search, and unsafe content detection. It also provides examples of how Rekognition is used by customers for applications like public safety, home monitoring, and media/entertainment.
The document discusses an overview of PayPal's new Android SDK for making payments. It describes how to implement PayPal payments in an Android app using the SDK in just 10 minutes. Developers can allow users to pay with PayPal or accept credit cards directly in the app using card.io scanning technology. The steps covered include configuring the Android manifest, starting the PayPal service, creating payment objects, launching the payment process, and verifying payments on the server.
Jeremiah O'Connor & David Maynor - Chasing the Crypto Workshop: Tracking Fina...NoNameCon
This document summarizes a presentation given by Cisco researchers on tracking a Ukrainian Bitcoin phishing ring. It discusses how the researchers used DNS data and analysis to link phishing domains to a criminal group called Coinhoarder. The researchers found the group was using lookalike domains to steal users' Bitcoin credentials from popular wallets and exchanges. They traced the domains and ransom payments and found the operation involved multiple actors conducting phishing, ransomware attacks, and money laundering.
Building an end to end image recognition service - Tel Aviv Summit 2018Amazon Web Services
In this session, we’ll learn how to build and deploy end to end solutions for ingesting and processing computer vision solutions, using machine learning models connected to live video streams, and getting insights such as face detection and object analysis. At the end of the session developers of all skill levels will be able to build their own deep learning powered, computer-vision applications. Attendees will learn how to experiment with different projects for face detection, object recognition and other video-based AWS Machine Learning services.
This is a talk on enforcing better GDPR compliance, user data privacy, and “security by design” principles through the language and visual components of API documentation. Practical and immediately applicable tips and insights from a Technical Writer working in data security.
APIdays Paris 2018 - Disagree with “I Agree”. Enforcing Better GDPR Complianc...apidays
This document discusses how application programming interface (API) documentation can be improved to better comply with the General Data Protection Regulation (GDPR). It highlights how API docs and tutorials should be tailored to be concise, informative, and transparent about how personal data is collected and used in order to meet GDPR requirements. The document provides examples of how to explain technical GDPR concepts in simple terms and emphasizes the importance of security by design and informing users about data privacy practices.
Johnathan Nightingale of Mozilla Corporation presents ideas for improving browser security user interfaces (UI). He argues that existing security UIs like padlocks are sparse, incomprehensible, and not carefully designed. He proposes five rules for good security UI: be meaningful, relevant, robust, available, and brave. As an example, he suggests replacing padlocks with "Larry", an identity indicator that clearly shows website identity and is based on standardized Extended Validation certificates. The presentation concludes by discussing additional aspects of security UI and soliciting further ideas and discussion.
Présentation des APIs Orange Partner par Thierry Gaillet le 16 avril 2015.
L'enregistrement est online sur la chaine de la Mobile Banking Factory 2 : https://bitly.com/youtubeMBF2
The document introduces Amazon Rekognition and Amazon Polly. It provides an overview of the capabilities of Amazon Rekognition for visual content analysis and Amazon Polly for text-to-speech. It then discusses specific features and use cases for each service, including object detection, facial analysis, and speech synthesis with different voices and languages.
How to Get the Most Out of Amazon Rekognition Video, a deep learning based vi...Amazon Web Services
Learning Objectives:
-Provide an overview of Amazon Rekognition Video capabilities
-Describe use cases and benefits
-Showcase how you can use Amazon Rekognition Video to easily build video analysis applications
The document discusses how to securely protect internal communication within an organization. It provides examples of how clear text communication, such as instant messages and emails, can expose sensitive information if intercepted. The document then introduces Virtual Security Technology (VST) solutions like virtual security appliances with firewalls and VPN tunnels, public key infrastructure (PKI) services, and secure identity cards to encrypt communication and authentication. These solutions aim to prevent data theft and security breaches that often originate from within organizations.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Chris Gates
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
This document discusses techniques for analyzing and exploiting Android applications. It begins by explaining why security is important given people's growing dependency on digital technology and mobile devices. It then discusses decompiling APK files and using tools like Apktool, Dex2Jar, and decompilers to view an app's code. The document also covers using proxies like Burp Suite and Frida to intercept network traffic and manipulate app behavior at runtime. The goal is usually to obtain sensitive data, bypass restrictions, or modify the app. Examples of scenarios explored include tampering with network requests, bypassing security checks, and decrypting encrypted data.
Object-Oriented Programming in Functional Programming in SwiftGraham Lee
Far from being mutually exclusive ways to write software, OOP and functional programming are two useful mental toolsets for designing software. Graham explores how the two are related to find out more about each.
The document discusses taking a test drive of a new product from Fuzzy Aliens Limited. It includes the author's name and company but does not provide any other relevant details.
Securing the Web without site-specific passwordsFrancois Marier
Identity systems on the Web are a bit of a mess. Surely in 2013, we would have something else than usernames and passwords for logging into websites. A solution that doesn't require trusting a central authority.
It turns out that solving the general identity problem is very hard. Some of these solutions require complicated redirections, an overwhelming amount of jargon and lots of verbose XML. The technology has been around for a long time, but implementing it properly (and safely) is often incredibly difficult.
This talk will explore the challenges of the existing Web identity solutions and introduce the choices that we made during the development of Persona, a new cross-browser federated identity solution from Mozilla.
It will cover:
- a discussion of the complexities and privacy-related concerns that existing identity solutions have
- how crypto is used in Persona to provide both authentication and privacy
- the Persona federation approach: fully distributed with fallbacks
- demos and actual code from sites that have implemented Persona
- the basics of the Persona API so that attendees can go out and easily support this technology on their own sites
Trying to convince users to pick unique (and strong) passwords for each website is a losing battle. What we're proposing is a standard, built into browsers, that leverages the new security features that email providers are now offering. A simple federated solution to eliminate site-specific passwords.
Optimize Your SaaS Offering with Serverless Microservices (GPSTEC405) - AWS r...Amazon Web Services
In this hands-on session, we crack open the IDE and transform a SaaS web app comprised of several monolithic single-tenant environments into an efficient, scalable, and secure multi-tenant SaaS platform using ReactJS and NodeJS serverless microservices. We use Amazon API Gateway and Amazon Cognito to simplify the operation and security of the service’s API and identity functionality. We enforce tenant isolation and data partitioning with OIDC’s JWT tokens. We leverage AWS SAM and AWS Amplify to simplify authoring, testing, debugging, and deploying serverless microservices, keeping operational burden to a minimum, maximizing developer productivity, and maintaining a great developer experience.
How can you authenticate without authentication? Is there another way to perform authentication?
Those are the slides for a talk I gave at OWASP AppSec Israel.
This document summarizes Amazon Rekognition, Amazon's machine learning service for image and video analysis. It provides an overview of Rekognition's capabilities for image analysis including object detection, facial analysis, and text recognition. For video, it describes object/scene detection, activity recognition, person tracking, face search, and unsafe content detection. It also provides examples of how Rekognition is used by customers for applications like public safety, home monitoring, and media/entertainment.
The document discusses an overview of PayPal's new Android SDK for making payments. It describes how to implement PayPal payments in an Android app using the SDK in just 10 minutes. Developers can allow users to pay with PayPal or accept credit cards directly in the app using card.io scanning technology. The steps covered include configuring the Android manifest, starting the PayPal service, creating payment objects, launching the payment process, and verifying payments on the server.
Jeremiah O'Connor & David Maynor - Chasing the Crypto Workshop: Tracking Fina...NoNameCon
This document summarizes a presentation given by Cisco researchers on tracking a Ukrainian Bitcoin phishing ring. It discusses how the researchers used DNS data and analysis to link phishing domains to a criminal group called Coinhoarder. The researchers found the group was using lookalike domains to steal users' Bitcoin credentials from popular wallets and exchanges. They traced the domains and ransom payments and found the operation involved multiple actors conducting phishing, ransomware attacks, and money laundering.
Building an end to end image recognition service - Tel Aviv Summit 2018Amazon Web Services
In this session, we’ll learn how to build and deploy end to end solutions for ingesting and processing computer vision solutions, using machine learning models connected to live video streams, and getting insights such as face detection and object analysis. At the end of the session developers of all skill levels will be able to build their own deep learning powered, computer-vision applications. Attendees will learn how to experiment with different projects for face detection, object recognition and other video-based AWS Machine Learning services.
This is a talk on enforcing better GDPR compliance, user data privacy, and “security by design” principles through the language and visual components of API documentation. Practical and immediately applicable tips and insights from a Technical Writer working in data security.
APIdays Paris 2018 - Disagree with “I Agree”. Enforcing Better GDPR Complianc...apidays
This document discusses how application programming interface (API) documentation can be improved to better comply with the General Data Protection Regulation (GDPR). It highlights how API docs and tutorials should be tailored to be concise, informative, and transparent about how personal data is collected and used in order to meet GDPR requirements. The document provides examples of how to explain technical GDPR concepts in simple terms and emphasizes the importance of security by design and informing users about data privacy practices.
Johnathan Nightingale of Mozilla Corporation presents ideas for improving browser security user interfaces (UI). He argues that existing security UIs like padlocks are sparse, incomprehensible, and not carefully designed. He proposes five rules for good security UI: be meaningful, relevant, robust, available, and brave. As an example, he suggests replacing padlocks with "Larry", an identity indicator that clearly shows website identity and is based on standardized Extended Validation certificates. The presentation concludes by discussing additional aspects of security UI and soliciting further ideas and discussion.
Présentation des APIs Orange Partner par Thierry Gaillet le 16 avril 2015.
L'enregistrement est online sur la chaine de la Mobile Banking Factory 2 : https://bitly.com/youtubeMBF2
The document introduces Amazon Rekognition and Amazon Polly. It provides an overview of the capabilities of Amazon Rekognition for visual content analysis and Amazon Polly for text-to-speech. It then discusses specific features and use cases for each service, including object detection, facial analysis, and speech synthesis with different voices and languages.
How to Get the Most Out of Amazon Rekognition Video, a deep learning based vi...Amazon Web Services
Learning Objectives:
-Provide an overview of Amazon Rekognition Video capabilities
-Describe use cases and benefits
-Showcase how you can use Amazon Rekognition Video to easily build video analysis applications
The document discusses how to securely protect internal communication within an organization. It provides examples of how clear text communication, such as instant messages and emails, can expose sensitive information if intercepted. The document then introduces Virtual Security Technology (VST) solutions like virtual security appliances with firewalls and VPN tunnels, public key infrastructure (PKI) services, and secure identity cards to encrypt communication and authentication. These solutions aim to prevent data theft and security breaches that often originate from within organizations.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Chris Gates
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
This document discusses techniques for analyzing and exploiting Android applications. It begins by explaining why security is important given people's growing dependency on digital technology and mobile devices. It then discusses decompiling APK files and using tools like Apktool, Dex2Jar, and decompilers to view an app's code. The document also covers using proxies like Burp Suite and Frida to intercept network traffic and manipulate app behavior at runtime. The goal is usually to obtain sensitive data, bypass restrictions, or modify the app. Examples of scenarios explored include tampering with network requests, bypassing security checks, and decrypting encrypted data.
Object-Oriented Programming in Functional Programming in SwiftGraham Lee
Far from being mutually exclusive ways to write software, OOP and functional programming are two useful mental toolsets for designing software. Graham explores how the two are related to find out more about each.
The document discusses taking a test drive of a new product from Fuzzy Aliens Limited. It includes the author's name and company but does not provide any other relevant details.
Smartphone security and privacy: you're doing it wrongGraham Lee
Before you can get security or privacy features correct, you must understand how people think and how this will impact any UI you show for your privacy settings. In this presentation, I discuss the user's mental model and see how this impacts on iPhone and Android privacy UI.
A look at how the clang static analyser works and how third-party developers can add their own analysis rules, and at the klee symbolic code executor in LLVM.
An introduction to the motivation and theory behind test-driven development, suitable for people with experience in Mac or iOS development using Objective-C.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
In this presentation we’ll look at some of the security mitigations in the iPhone OS, and try and determine what risks are being addressed. Ideally we’d work the other way round but we need to treat Apple’s threat model as a black box.
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
Rely on the fact that a signature can be generated with the private key (by decrypting the checksum), and verified with the public key (by encrypting the signature and comparing with the checksum). Then a certificate explains who the holder of the private key is. Next: what this means to an app
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
So that’s how the theory applies to an application. We sign all of the application content (on iPhone only; things change slightly on Macs due to the presence of dynamic libraries) so that even if an image or help file changes, we can detect it.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
Identifying something is only useful if you’re going to ask questions about its identity. On the iPhone (and Mac) there’s a requirements language that lets you test properties of the developer’s identity and of the application. Applications have at least one requirement: the _designated_ requirement. Any code object that satisfies an app’s designated requirement is another version of that app, as far as the OS is concerned.
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
What you can’t see from this slide: the developer (D) and beta tester (B) must collude on production of the provisioning profile, and B can only produce a finite number of beta-test permissions for every app. It’s about 100. Also, Apple (A) adds DRM to the application before re-signing it and submitting it to the customer (C), so each app can be identified with the customer who purchased it. Before re-signing an application, Apple subjects it to a vetting process.
Exercise: see if you can determine the routes malware authors will use to get their malicious software onto the phones of either B or C. How could these vulnerabilities be mitigated?
Keychain, or a similar API, exists on other platforms but in the case of the iPhone the private key is baked into the device rather than being derived from a password. What does that mean for the confidentiality of the keychain items? What about when the phone is backed up using iTunes?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?
Each application has space for its documents, library files (prefs and support files), cache/scratch files and confidential data. But no application can work with the files of any other, and access to system files is limited to public API. Why should Apple put this restriction in? What benefits does it provide?