Category Archives: security

Apple and Bug Bounties

I know that there are bigger problems to discuss about Apple’s approach to business and partnerships at the mo, but their handling of security researchers seems particularly cynical and hypocritical. See, for example, this post about four reported iPhone 0days …

Posted in AAPL, Privacy, security

On writing a book

Well, I’ve performed my final author’s review, and Professional Cocoa Application Security is all with the printers. This post is about my experiences writing the book, not the book material itself. My original motivation for writing PCAS was that it …

Posted in book, cocoa, security

Nearly the end-of-year review

My first post (Farkers, feel free to replace that with “boobies”) of the year 2009 was a review of 2008’s blog and look forward to 2009. It’s time to do the same for the 2009/2010 blogyear bifecta. Let’s start with …

Posted in meta-interwebs, omnifocus, personal, security, Twitter

On Operation Chokehold

So Fake Steve Jobs has announced Operation Chokehold, a wireless flashmob in which disgruntled AT&T customers are to use data-intensive apps for an hour in protest at the poor service and reduced investment AT&T provide on their network. At time …

Posted in iPhone, security

NSConference videos

Scotty and the gang have been getting the NSConference videos out to the public lately, and now sessions 7-9 are available, including my own session on security. The videos are really high quality; I’m impressed by the postproduction that’s gone …

Posted in cocoa, conference, macdevnet, security, Talk

Just because Brucie says it…

Bruce Schneier claims that shoulder-surfing isn’t much of a problem these days. Plenty of people discovered “my password” at NSConference, so I disagree :-) (photo courtesy of stuff mc).

Posted in security, usability

Follow-up-and-slightly-over on safety/security

The one thing which makes this a less-than-standard follow-up is that the original was not posted here, but over on paranym Graham Cluley’s blog. I originally wrote about the (fictitious) difference between safety and security. For those who didn’t clickety …

Posted in AAPL, leopard, msft, security

The rokeg blood pie^W^W^Wplot thickens

So, having already discussed Klingon Anti-Virus, the under-research Klingon threat detection tool made available by Sophos, it seems that more information has been made available. From no less, or indeed more, of a source than the blog of my Clu-ful …

Posted in enterprise, klingon, security, star trek

Detect the gagh lurking in your system!

Following up on my previous ability to get to the top of a Google search for a Klingon word (that one was chuvmey, as in my post Model, View, chuvmey) here is yet another attempt. At what? Why, at skewing …

Posted in enterprise, klingon, security, star trek

Rootier than root

There’s a common misconception (the book I’m reading now suffers from it) that single-user mode on a Unix such as Mac OS X gives you root access. Actually, it grants you higher access than root. For example, set the immutable …

Posted in darwin, security, UNIX