OOP the Easy Way
Object-Oriented Programming the Easy Way: a manifesto for reclaiming OOP from three decades of confusion and needless complexity.APPropriate Behaviour
APPosite Concerns
FSF
Monthly Archives: December 2010
Protecting source code
As I mentioned on the missing iDeveloper.tv Live episode, one of the consequences of the Gawker hack was that their source code for their internal software was leaked into the Internet. I doubt any of my readers would want that … Continue reading
Posted in Business, code-level, Data Leakage, Encryption, Policy, Responsibility, software-engineering
5 Comments
On the Mac App Store
I’ve just come off iDeveloper.TV Live with Scotty and John, where we were talking about the Mac app store. I had some material prepared about the security side of the app store that we didn’t get on to – here’s … Continue reading
Posted in AAPL, Business, code-level, Encryption, government, iDeveloper.TV, Mac, Policy, Talk
1 Comment
Did the UK create a new kind of “Crypto Mule”?
It’s almost always the case that a new or changed law means that there is a new kind of criminal, because there is by definition a way to contravene the new law. However, when the law allows the real criminals … Continue reading
On how to get crypto wrong
I’ve said time and time again: don’t write your own encryption algorithm. Once you’ve chosen an existing algorithm, don’t write your own implementation. Today I had to look at an encryption library that had been developed to store some files … Continue reading
Posted in code-level, Crypto, Encryption
1 Comment
A site for discussing app security
There’s a new IT security site over at Stack Exchange. Questions and answers on designing and implementing IT security policy, and on app security are all welcome. I’m currently a moderator at the site, but that’s just an interim thing … Continue reading
Posted in code-level, Policy, Privacy, Talk, threatmodel
Leave a comment
On Fuzzy Aliens
I have just launched a new company, Fuzzy Aliens[*], offering application security consultancy services for smartphone app developers. This is not the FAQ list, this is the “questions I want to answer so that they don’t become frequently asked” list. … Continue reading
Posted in Business, code-level, iPad, iPhone, Privacy, software-engineering, threatmodel
Leave a comment