OOP the Easy Way
Object-Oriented Programming the Easy Way: a manifesto for reclaiming OOP from three decades of confusion and needless complexity.APPropriate Behaviour
APPosite Concerns
FSF
Category Archives: threatmodel
App security consultancy from your favourite boffin
I’m very excited to soon be joining the ranks of Agant Ltd, working on some great apps with an awesome team of people. I’ll be bringing with me my favourite title, Smartphone Security Boffin. Any development team can benefit from … Continue reading
Posted in Business, ssl, threatmodel
Comments Off on App security consultancy from your favourite boffin
A site for discussing app security
There’s a new IT security site over at Stack Exchange. Questions and answers on designing and implementing IT security policy, and on app security are all welcome. I’m currently a moderator at the site, but that’s just an interim thing … Continue reading
Posted in code-level, Policy, Privacy, Talk, threatmodel
Leave a comment
On Fuzzy Aliens
I have just launched a new company, Fuzzy Aliens[*], offering application security consultancy services for smartphone app developers. This is not the FAQ list, this is the “questions I want to answer so that they don’t become frequently asked” list. … Continue reading
Posted in Business, code-level, iPad, iPhone, Privacy, software-engineering, threatmodel
Leave a comment
On voices that matter
In October I’ll be in Philadelphia, PA talking at Voices That Matter: Fall iPhone Developers’ Conference. I’m looking forward to meeting some old friends and new faces, and sucking up a little more of that energy and enthusiasm that pervades … Continue reading
Posted in code-level, iPad, iPhone, Talk, threatmodel, tool-support
Leave a comment
On Fitt’s Law and Security
…eh? Don’t worry, read on and all shall be explained. I’ve said in multiple talks and podcasts before that one key to good security is good user interface design. If users are comfortable performing their tasks, and your application is … Continue reading
Posted in iPad, iPhone, Mac, threatmodel, UI, user-error
1 Comment
On improved tool support for Cocoa developers
I started writing some tweets, that were clearly taking up too much room. They started like this: My own thoughts: tool support is very important to good software engineering. 3.3.1 is not a big inhibitor to novel tools. /cc @rentzsch … Continue reading
Posted in PCAS, threatmodel, tool-support
1 Comment
Which vendor “is least secure”?
The people over at Intego have a blog post, Which big vendor is least secure? They discuss that because Microsoft have upped their game, malware authors have started to target other products, notably those produced by Adobe and Apple. That … Continue reading
Posted in Business, Responsibility, threatmodel, Vulnerability
2 Comments