29 October 2012
Big problems in validation of SSL certificates in non-browser software
SSL certificate validation is completely broken in many security-critical applications and libraries, largely due to badly designed APIs of SSL implementations and data-transport libraries which present developers with a confusing array of settings and options.
28 September 2012
Adding symbolic breakpoints in XCode
An often overlooked feature.
20 August 2012
Smartphone Pentest Framework open-source security tool
A set of perl scripts with a console as well as web frontend and Android app console. At the moment the tool has an Android agent, with iOS and Blackberry agents in the works. There's also a forum setup by the tool's creator to foster community involvement.
09 August 2012
TippingPoint blog post on reverse engineering iPhone AppStore binaries
Q brief post on some challenges and tricks to reverse engineering iPhone AppStore binaries.
31 July 2012
iOS hardware information spreadsheet by Chris Miles
handy summary of iOS hardware info per device. Useful for systems architects, developers, and designers.