With the goal of enforcing best practices for secure network connections, iOS 9 introduces new security requirements and behavior with its new App Transport Security (ATS) feature. If you are not planning to recompile your apps with Apple’s iOS 9 SDK (or Xcode…
When deploying (mobile) apps for verticals such as Healthcare or Banking, you typically have to get the app approved or blessed by the customer’s IT security team. Some tips or info: Only deploy, even for Proofs of Concept (POCs), properly signed apps. Do…
NIST Special Publication 800-163: Vetting the Security of Mobile Applications, by Steve Quirolgico, Jeffrey Voas, Tom Karygiannis, Christoph Michael, and Karen Scarfone. This publication is available free of charge from: http://dx.doi.org/10.6028/NIST.SP.800-163. Also attached: NIST.SP.800-163 /ceo
This is Part 3 of a series on Security & Privacy for Mobile Apps. Part 1 of this series introduced main concepts related to security on mobile apps. Part 2 went deeper into the security elements and guidelines related to security and privacy…
This is Part 1 of a series on Security & Privacy for Mobile Apps. (Note: in this article mobile apps means both native and webapps) Are you Serious About Security on your mobile apps or webapps? Security and privacy is an area that…
“When you develop Android applications, you must deal with a number of security-related aspects, including application processes and sandboxes, code and data sharing, system protection through application signing, and permissions use.” See my article Understanding security on Android (IBM developerWorks) which introduces the…
And the world has suddenly gone paranoid and/or Big-Brother with RIM: In the UAE where “The issue … against BlackBerry’s super-secure encrypted services” (Reuters); In India where “Indian officials say they need to be able to intercept BlackBerry messages” (Information Week); In Indonesia…