Author Archives: Graham

About Graham

I make it faster and easier for you to create high-quality code.

On, or rather in, Seattle

I’ve never been to Washington before, so I’m looking forward to Voices That Matter: iPhone Developers Conference in April. Of course, you know I like the sound of my own voice enough to be speaking: my talk this year will …

Posted in Uncategorized | 1 Comment

On repeatable builds

One of the key features of software engineering, as distinct from cowboy coding or hacking, is that it should be repeatable. That doesn’t mean that you should do the same project twice in identical ways from beginning to end: that …

Posted in software-engineering | 1 Comment

On squeezing out that last ounce of performance

As I get confused by a component of an application that should be network-bound actually being limited by CPU availability, I get reminded of the times in my career that I’ve dealt with application performance. I used to work on …

Posted in antivirus, software-engineering | Comments Off

On Timeless Programming Books

Recently, the Dog Spanner wrote about Programming With Quartz, a book written at the tail end of 2005 but which is still useful to Mac developers everywhere. I have to agree, this book is still on my shelf and gets …

Posted in books, Mac | 1 Comment

On the broken(?) Mac App Store

A day after the Mac App Store was launched, people are reporting that it has been cracked. There are two separate stories here, a vapourware circumvention of the FairPlay DRM used to generate the receipts and a report that certain …

Posted in Business, Crypto, Encryption, Mac, Vulnerability | 1 Comment

Protecting source code

As I mentioned on the missing iDeveloper.tv Live episode, one of the consequences of the Gawker hack was that their source code for their internal software was leaked into the Internet. I doubt any of my readers would want that …

Posted in Business, code-level, Data Leakage, Encryption, Policy, Responsibility, software-engineering | 5 Comments

On the Mac App Store

I’ve just come off iDeveloper.TV Live with Scotty and John, where we were talking about the Mac app store. I had some material prepared about the security side of the app store that we didn’t get on to – here’s …

Posted in AAPL, Business, code-level, Encryption, government, iDeveloper.TV, Mac, Policy, Talk | 1 Comment

Did the UK create a new kind of “Crypto Mule”?

It’s almost always the case that a new or changed law means that there is a new kind of criminal, because there is by definition a way to contravene the new law. However, when the law allows the real criminals …

Posted in Crypto, IANAL | 1 Comment

On how to get crypto wrong

I’ve said time and time again: don’t write your own encryption algorithm. Once you’ve chosen an existing algorithm, don’t write your own implementation. Today I had to look at an encryption library that had been developed to store some files …

Posted in code-level, Crypto, Encryption | 1 Comment

A site for discussing app security

There’s a new IT security site over at Stack Exchange. Questions and answers on designing and implementing IT security policy, and on app security are all welcome. I’m currently a moderator at the site, but that’s just an interim thing …

Posted in code-level, Policy, Privacy, Talk, threatmodel | Leave a comment