Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

iOS development - tips & tricks

580 views

Published on

Published in: Software
  • Be the first to comment

  • Be the first to like this

iOS development - tips & tricks

  1. 1. iOS Development - Tips & Tricks iOS Development - Tips & Tricks Software Development Lead - iOS Galin Kardzhilov Software Development Manager - iOS Stefan Tsvyatkov
  2. 2. iOS Development - Tips & Tricks Agenda  Why iOS  Some challenges  iOS Security
  3. 3. iOS Development - Tips & Tricks About Me  Started with
  4. 4. iOS Development - Tips & Tricks About Me
  5. 5. iOS Development - Tips & Tricks Why iOS? -(NSString *)generateReasonsWhyiOS { NSMutableString *reasons = [[NSMutableString alloc] init]; [reasons appendString:@"It's new"]; [reasons appendString:@"It's challenging"]; [reasons appendString:@"It compiles to native"]; [reasons appendString:@"You have to deal with hardware limitations"]; [reasons appendString:@"You have to provide responsiveness"]; [reasons appendString:@"You have to provide usability"]; [reasons appendString:@"You have to provide security"]; [reasons appendString:@"0ften craftsmanship [reasons appendString:@"Your code runs into people's pockets"]; return reasons; }
  6. 6. iOS Development - Tips & Tricks  Table view  Background image  Custom drawn cells … flipped Watch video @ http://youtu.be/Um971SFzOfQ
  7. 7. iOS Development - Tips & Tricks Watch video @ http://youtu.be/HrK6PevFYkI
  8. 8. iOS Development - Tips & Tricks Scroll View Custom View
  9. 9. iOS Development - Tips & Tricks
  10. 10. iOS Development - Tips & Tricks Security in iOS  Local Storage  Communication with the server  Binary analysis and manipulation
  11. 11. iOS Development - Tips & Tricks Local Storage Security  NSUserDefaults  Convenient  Not encrypted by default  Keeps the data in a plist file  CoreData  Not encrypted by default  Keeps the data in sqlite db Not secure
  12. 12. iOS Development - Tips & Tricks Local Storage Security  Keychain Access  Encrypted by default  A bit more complex for use  Insecure on jailbroken devices  Data encryption  Crypto API  Obfuscate the encryption key  Use unique device information String constant [[UIDevice currentDevice] identifierForVendor] Custom algorith Secure encryption
  13. 13. iOS Development - Tips & Tricks Server Communication Security  Use SSL  Don’t accept self-signed certificates  Client and server side data validation
  14. 14. iOS Development - Tips & Tricks Runtime Manipulation #import "AppDelegate.h" #import "ptrace.h" ! int main(int argc, char * argv[]) { #ifndef DEBUG ptrace(PT_DENY_ATTACH, 0, 0, 0); #endif @autoreleasepool { return UIApplicationMain(argc, argv, nil, NSStringFromClass([AppDelegate class])); } }  ptrace  Deny a debugger to attach  Can be patched from binary  Put it in multiple places
  15. 15. iOS Development - Tips & Tricks !  SEC_IS_BEING_DEBUGGED_RETURN_NIL() ! ! ! ! ! !  Check if a debugger is attached  Hard to be patched from binary  Make the check regularly and in critical parts  Doesn’t work against Cycript Runtime Manipulation #ifndef DEBUG SEC_IS_BEING_DEBUGGED_RETURN_NIL(); #endif
  16. 16. iOS Development - Tips & Tricks Conclusion  Keychain Access for storing  SSL for transporting  Check for debuggers  100% security does not exist
  17. 17. iOS Development - Tips & Tricks Thank you! Galin Kardzhilov @gravera Stefan Tsvyatkov @stsvyatkov

×