iOS Security 101-ish
As you probably know, iOS apps are isolated from each other via the Apple sandbox ("Seatbelt"). However, that doesn't mean developers shouldn't pay attention to their users safety.
In this talk we will briefly cover all layers of iOS security architecture, delve into secrets of Secure Enclave and discuss the most common mistakes and vulnerabilities to prevent them from happening in the future, as well as have a sneak peek into penetration testing done right.
I will share a few examples of security flaws I found during the last few years and show how to use various tools to spot and fix them.
Similar Talks
Modern devices are way more powerful for users to notice a difference between bubble sort and merge sort. Or not? Should everyone know how to implement Ukkonen's algorithm if they develop a weather app? What's the "Big O" of your average app and how to determine it?
The second part of a thorough introduction into iOS Security, from various pentesting techniques, to possible flaws to use-cases and tools.
Debunked the "iOS is secure by default" myth in 90 minutes. Walked through real pentesting techniques, tools, and war stories from the security trenches.
What teaching iOS at a Russian university taught me about learning. Turns out developers and nomads have more in common than you'd think โ we both carry only what we need.