Nytro Posted November 27, 2011 Report Posted November 27, 2011 iOS application security - CCCamp 2011 Uploaded by CCCen on Nov 25, 2011iOS application securityA look at the security of 3rd party iOS applicationsOver the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year.It will cover the use of specific APIs, why some of them aren't granular enough, and why they might expose way too much attack surface. The talk will cover ssl, xml, url handling, UIWebViews and more. Furthermore, it will also cover what apps are allowed to do when inside their sandbox once an application has been hacked.Speaker: Ilja van SprundelEventID: 4490Event: Chaos Communication Camp 2011 (CCCamp 2011) of the Chaos Computer Club [CCC]Language: englishStart: 11.08.2011 21:00:00 +02:00License: CC-by-nc-saVideo:http://www.youtube.com/watch?v=Gq3lSw9sTv4&feature=related Quote
