Category Archives: security

Did you miss my NSConference talk?

Posted on 2009-04-21 by Graham Lee

The annotated presentation slides are now available to download in Keynote ’08 format! Sorry you couldn’t make it, and I hope the slides are a reasonable proxy for the real thing.

Posted in conference, macdevnet, security | Leave a comment

On default keychain settings

Posted on 2009-04-19 by Graham Lee

After my presentation at NSConference there was a discussion of default settings for the login keychain. I mentioned that I had previously recommended some keychain configuration changes including using a different password than your login password. Default behaviour is that … Continue reading

Posted in conference, Keychain, security | Leave a comment

NSConference: the aftermath

Posted on 2009-04-17 by Graham Lee

So, that’s that then, the first ever NSConference is over. But what a conference! Every session was informative, edumacational and above all enjoyable, including the final session where (and I hate to crow about this) the “American” team, who had … Continue reading

Posted in cocoa, conference, iPhone, macdevnet, metadev, objc, security, xcode | Leave a comment

Tautology of the year (so far)

Posted on 2009-01-03 by Graham Lee

From iDefense, via DarkReading: A recent wave of fatwas issued by radical Islamic religious leaders in that region authorizing these groups to use cyberattacks to defend Islam has opened the door for these groups to wage cyberattacks, according to iDefense. … Continue reading

Posted in rant, security | Leave a comment

better security, not always more security

Posted on 2008-12-21 by Graham Lee

Today’s investigative investigations have taken me to the land of Distributed Objects, that somewhat famous implementation of the Proxy pattern used for intra-process, inter-process and inter-machine communication in Cocoa. Well, by people who measure whether it’s a performance hog, rather … Continue reading

Posted in cocoa, gnustep, objc, openstep, RPC, security | Leave a comment

Whither the codesign interface?

Posted on 2008-12-12 by Graham Lee

One of the higher-signal-level Apple mailing lists with a manageable amount of traffic is apple-cdsa, the place for discussing the world’s most popular Common Data Security Architecture deployment. There’s currently an interesting thread about code signatures, which asks the important … Continue reading

Posted in darwin, security, usability | Leave a comment

You keep using that word. I do not think it means what you think it means.

Posted on 2008-12-02 by Graham Lee

In doing a little audience research for my spot at MacDev 2009, I’ve discovered that the word “security” to many developers has a particular meaning. It seems to be consistent with “hacker-proof”, and as it could take most of my … Continue reading

Posted in conference, metadev, rant, security, usability | Leave a comment

More on MacDev

Posted on 2008-11-04 by Graham Lee

Today is the day I start preparing my talk for MacDev 2009. Over the coming weeks I’ll likely write some full posts on the things I decide not to cover in the talk (it’s only an hour, after all), and … Continue reading

Posted in conference, macdevnet, metadev, security, Talk, usability | Leave a comment

All you never wanted to know about temporary files and were too ambivalent to ask

Posted on 2008-10-19 by Graham Lee

In the beginning, there was mktemp. And it was good. Actually, that’s a load of rubbish, it wasn’t good at all. By separating the “give me the name of a temporary file” and “open the file” stages, there’s a chance … Continue reading

Posted in security, UNIX | Leave a comment

MacDev 2009!

Posted on 2008-09-28 by Graham Lee

It’s a long way off, but now is a good time to start thinking about the MacDev ’09 conference, organised by the inimitable Scotty of the Mac Developer Network. This looks like being Europe’s closest answer to WWDC, but without … Continue reading

Posted in cocoa, macdevnet, metadev, nscoder, objc, ooa/d, security | Leave a comment