
iOS Application Security [Paperback]

  • Format: Paperback / softback, 296 pages, height x width: 234x178 mm
  • Publication date: 16-Feb-2016
  • Publisher: No Starch Press, US
  • ISBN-10: 159327601X
  • ISBN-13: 9781593276010

Every day, over half a billion iOS users blindly entrust mobile devices with their personal information. If you write an application that mishandles that information, you'll create a goldmine for attackers—and a catastrophe for you and your customers. Whether you develop iOS apps or test their defenses, it's critical that you know how to track down and eliminate security threats before they become real issues.

In iOS Application Security, author David Thiel shows you how to write apps that actually protect users from the bad guys. He covers everything you need to know to design secure iOS apps from the ground up, including:

  • A whirlwind tour of iOS application structure and Objective-C design patterns
  • A glimpse into the iOS security model and the limits of its built-in protections
  • The myriad ways that sensitive data can leak into places it shouldn't be
  • Legacy flaws from C that still cause problems in modern iOS applications
  • Implementing encryption with the Keychain, the Data Protection API, and Common Crypto


iOS Application Security reveals not only the sort of coding mistakes that developers and security professionals encounter when writing and testing apps but also how to fix them. Complete with coverage of the upcoming iOS 8, this essential guide to secure app development pulls together otherwise fragmented information about industry best practices.

Reviews

"The book is strongly recommended for all iOS app developers, especially for those who use the Objective-C programming language." Computing Reviews

"In summary, this is a book that every iOS developer needs to read and then act on. The next time you see an app that leaks private data everywhere, is vulnerable to a whole host of injection attacks, and uses crypto like it's 1995, ask them why they didn't consult this book before shipping." ;login:

"iOS Application Security offers an excellent foundation for anyone interested in ethical hacking on mobile platforms. This is going to be a growing sector of the penetration testing industry, as mobile devices assume an ever-greater importance in corporate IT estates." Network Security Newsletter

"Worthy read and covers a lot of ground in 200ish pages. Well recommended." Michael Howard, author of Writing Secure Code

"A major asset to any iOS developer who wants to ensure his app's ability to protect a user's data. I would highly recommend anyone interested in the field of iOS app security to take a close look at iOS Application Security." MacTrast

Contents

Foreword (Alex Stamos) xix
Acknowledgments xxi
Introduction xxiii
  • Who This Book Is For xxiv
  • What's in This Book xxiv
  • How This Book Is Structured xxiv
  • Conventions This Book Follows xxvi
  • A Note on Swift xxvi
  • Mobile Security Promises and Threats xxvii
  • What Mobile Apps Shouldn't Be Able to Do xxvii
  • Classifying Mobile Security Threats in This Book xxviii
  • Some Notes for iOS Security Testers xxx

Part I: iOS Fundamentals

1 The iOS Security Model 3
  • Secure Boot 4
  • Limiting Access with the App Sandbox 4
  • Data Protection and Full-Disk Encryption 5
  • The Encryption Key Hierarchy 6
  • The Keychain API 7
  • The Data Protection API 7
  • Native Code Exploit Mitigations: ASLR, XN, and Friends 8
  • Jailbreak Detection 9
  • How Effective Is App Store Review? 10
  • Bridging from WebKit 11
  • Dynamic Patching 11
  • Intentionally Vulnerable Code 12
  • Embedded Interpreters 12
  • Closing Thoughts 12

2 Objective-C for the Lazy 13
  • Key iOS Programming Terminology 14
  • Passing Messages 14
  • Dissecting an Objective-C Program 15
  • Declaring an Interface 15
  • Inside an Implementation File 16
  • Specifying Callbacks with Blocks 18
  • How Objective-C Manages Memory 18
  • Automatic Reference Counting 19
  • Delegates and Protocols 20
  • Should Messages 20
  • Will Messages 20
  • Did Messages 20
  • Declaring and Conforming to Protocols 21
  • The Dangers of Categories 22
  • Method Swizzling 23
  • Closing Thoughts 25

3 iOS Application Anatomy 27
  • Dealing with plist Files 29
  • Device Directories 32
  • The Bundle Directory 33
  • The Data Directory 34
  • The Documents and Inbox Directories 34
  • The Library Directory 35
  • The tmp Directory 37
  • The Shared Directory 37
  • Closing Thoughts 38

Part II: Security Testing

4 Building Your Test Platform 41
  • Taking Off the Training Wheels 41
  • Suggested Testing Devices 42
  • Testing with a Device vs. Using a Simulator 43
  • Network and Proxy Setup 43
  • Bypassing TLS Validation 44
  • Bypassing SSL with stunnel 46
  • Certificate Management on a Device 47
  • Proxy Setup on a Device 48
  • Xcode and Build Setup 50
  • Make Life Difficult 51
  • Enabling Full ASLR 53
  • Clang and Static Analysis 54
  • Address Sanitizer and Dynamic Analysis 55
  • Monitoring Programs with Instruments 55
  • Activating Instruments 55
  • Watching Filesystem Activity with Watchdog 58
  • Closing Thoughts 59

5 Debugging with LLDB and Friends 61
  • Useful Features in lldb 62
  • Working with Breakpoints 62
  • Navigating Frames and Variables 64
  • Visually Inspecting Objects 68
  • Manipulating Variables and Properties 69
  • Breakpoint Actions 70
  • Using lldb for Security Analysis 72
  • Fault Injection 72
  • Tracing Data 74
  • Examining Core Frameworks 74
  • Closing Thoughts 75

6 Black-Box Testing 77
  • Installing Third-Party Apps 78
  • Using a .app Directory 78
  • Using a .ipa Package File 80
  • Decrypting Binaries 80
  • Launching the debugserver on the Device 81
  • Locating the Encrypted Segment 84
  • Dumping Application Memory 87
  • Reverse Engineering from Decrypted Binaries 89
  • Inspecting Binaries with otool 90
  • Obtaining Class Information with class-dump 92
  • Extracting Data from Running Programs with Cycript 93
  • Disassembly with Hopper 94
  • Defeating Certificate Pinning 96
  • Hooking with Cydia Substrate 97
  • Automating Hooking with Introspy 100
  • Closing Thoughts 103

Part III: Security Quirks of the Cocoa API

7 iOS Networking 107
  • Using the iOS URL Loading System 108
  • Using Transport Layer Security Correctly 108
  • Basic Authentication with NSURLConnection 110
  • Implementing TLS Mutual Authentication with NSURLConnection 112
  • Modifying Redirect Behavior 113
  • TLS Certificate Pinning 114
  • Using NSURLSession 117
  • NSURLSession Configuration 117
  • Performing NSURLSession Tasks 118
  • Spotting NSURLSession TLS Bypasses 119
  • Basic Authentication with NSURLSession 119
  • Managing Stored URL Credentials 121
  • Risks of Third-Party Networking APIs 122
  • Bad and Good Uses of AFNetworking 122
  • Unsafe Uses of ASIHTTPRequest 124
  • Multipeer Connectivity 125
  • Lower-Level Networking with NSStream 127
  • Even Lower-Level Networking with CFStream 128
  • Closing Thoughts 129

8 Interprocess Communication 131
  • URL Schemes and the openURL Method 132
  • Defining URL Schemes 132
  • Sending and Receiving URL/IPC Requests 133
  • Validating URLs and Authenticating the Sender 134
  • URL Scheme Hijacking 136
  • Universal Links 137
  • Sharing Data with UIActivity 139
  • Application Extensions 140
  • Checking Whether an App Implements Extensions 141
  • Restricting and Validating Shareable Data 142
  • Preventing Apps from Interacting with Extensions 143
  • A Failed IPC Hack: The Pasteboard 144
  • Closing Thoughts 145

9 iOS-Targeted Web Apps 147
  • Using (and Abusing) UIWebViews 147
  • Working with UIWebViews 148
  • Executing JavaScript in UIWebViews 149
  • Rewards and Risks of JavaScript-Cocoa Bridges 150
  • Interfacing Apps with JavaScriptCore 150
  • Executing JavaScript with Cordova 154
  • Enter WKWebView 158
  • Working with WKWebViews 158
  • Security Benefits of WKWebViews 159
  • Closing Thoughts 160

10 Data Leakage 161
  • The Truth About NSLog and the Apple System Log 161
  • Disabling NSLog in Release Builds 163
  • Logging with Breakpoint Actions Instead 164
  • How Sensitive Data Leaks Through Pasteboards 164
  • Restriction-Free System Pasteboards 165
  • The Risks of Custom-Named Pasteboards 165
  • Pasteboard Data Protection Strategies 167
  • Finding and Plugging HTTP Cache Leaks 169
  • Cache Management 170
  • Solutions for Removing Cached Data 171
  • Data Leakage from HTTP Local Storage and Databases 174
  • Keylogging and the Autocorrection Database 175
  • Misusing User Preferences 178
  • Dealing with Sensitive Data in Snapshots 178
  • Screen Sanitization Strategies 179
  • Why Do Those Screen Sanitization Strategies Work? 182
  • Common Sanitization Mistakes 183
  • Avoiding Snapshots by Preventing Suspension 183
  • Leaks Due to State Preservation 184
  • Secure State Preservation 185
  • Getting Off iCloud to Avoid Leaks 187
  • Closing Thoughts 188

11 Legacy Issues and Baggage from C 189
  • Format Strings 190
  • Preventing Classic C Format String Attacks 191
  • Preventing Objective-C Format String Attacks 192
  • Buffer Overflows and the Stack 193
  • A strcpy Buffer Overflow 194
  • Preventing Buffer Overflows 195
  • Integer Overflows and the Heap 196
  • A malloc Integer Overflow 197
  • Preventing Integer Overflows 198
  • Closing Thoughts 198

12 Injection Attacks 199
  • Client-Side Cross-Site Scripting 199
  • Input Sanitization 200
  • Output Encoding 201
  • SQL Injection 203
  • Predicate Injection 204
  • XML Injection 205
  • Injection Through XML External Entities 205
  • Issues with Alternative XML Libraries 207
  • Closing Thoughts 207

Part IV: Keeping Data Safe

13 Encryption and Authentication 211
  • Using the Keychain 211
  • The Keychain in User Backups 212
  • Keychain Protection Attributes 212
  • Basic Keychain Usage 214
  • Keychain Wrappers 217
  • Shared Keychains 218
  • iCloud Synchronization 219
  • The Data Protection API 219
  • Protection Levels 220
  • The DataProtectionClass Entitlement 223
  • Checking for Protected Data Availability 224
  • Encryption with CommonCrypto 225
  • Broken Algorithms to Avoid 226
  • Broken Initialization Vectors 226
  • Broken Entropy 227
  • Poor Quality Keys 227
  • Performing Hashing Operations 228
  • Ensuring Message Authenticity with HMACs 229
  • Wrapping CommonCrypto with RNCryptor 230
  • Local Authentication: Using the TouchID 231
  • How Safe Are Fingerprints? 232
  • Closing Thoughts 232

14 Mobile Privacy Concerns 233
  • Dangers of Unique Device Identifiers 233
  • Solutions from Apple 234
  • Rules for Working with Unique Identifiers 235
  • Mobile Safari and the Do Not Track Header 236
  • Cookie Acceptance Policy 237
  • Monitoring Location and Movement 238
  • How Geolocation Works 238
  • The Risks of Storing Location Data 238
  • Restricting Location Accuracy 239
  • Requesting Location Data 240
  • Managing Health and Motion Information 240
  • Reading and Writing Data from HealthKit 241
  • The M7 Motion Processor 242
  • Requesting Permission to Collect Data 243
  • Proximity Tracking with iBeacons 244
  • Monitoring for iBeacons 244
  • Turning an iOS Device into an iBeacon 246
  • iBeacon Considerations 247
  • Establishing Privacy Policies 247
  • Closing Thoughts 248

Index 249

About the Author

David Thiel has almost 20 years of computer security experience, with expertise in penetration testing and iOS application security. He has presented at security conferences like BlackHat and DEFCON, and he currently works as a Vice President at the security firm iSEC Partners. Thiel's research and his work on Mobile Application Security (McGraw Hill) helped launch the field of iOS application security.