Author Archives: Graham

About Graham

I make it faster and easier for you to create high-quality code.

NSConference MINI videos available

Posted on 2010-07-16 by Graham

During WWDC week I talked at NSConference MINI, a one-day conference organised by Scotty and the MDN. The videos are now available: free to attendees, or $50 for all 10 for non-attendees. My own talk was on extending the Clang … Continue reading

Posted in code-level, NSConf, software-engineering, tool-support | Leave a comment

On Trashing

Posted on 2010-07-16 by Graham

Back in the 1980s and 1990s, people who wanted to clandestinely gain information about a company or organisation would go trashing.[*] That just meant diving in the bins to find information about the company structure – who worked there, who … Continue reading

Posted in Business, Data Leakage, Policy, Twitter | Leave a comment

On detecting God Classes

Posted on 2010-07-08 by Graham

Opinion on Twitter was divided when I suggested the following static analyser behaviour: report on any class that conforms to too many protocols. Firstly, a warning: “too many” is highly contextual. Almost all objects implement NSObject and you couldn’t do … Continue reading

Posted in code-level, iPad, iPhone, Mac, software-engineering, tool-support | Leave a comment

On Fitt’s Law and Security

Posted on 2010-07-01 by Graham

…eh? Don’t worry, read on and all shall be explained. I’ve said in multiple talks and podcasts before that one key to good security is good user interface design. If users are comfortable performing their tasks, and your application is … Continue reading

Posted in iPad, iPhone, Mac, threatmodel, UI, user-error | 1 Comment

Using Aspect-Oriented Programming for Security Engineering

Posted on 2010-06-24 by Graham

This paper by Kotrappa Sirbi and Prakash Jayanth Kulkarni (link goes to HTML abstract, full text PDF is free) discusses implementation of an application’s security requirements in Java using Aspect-Oriented Programming (AOP). We have AOP for Objective-C (of sorts), but … Continue reading

Posted in code-level, software-engineering, tool-support | Leave a comment

A solution in need of a problem

Posted on 2010-06-16 by Graham

I don’t usually do product reviews, in fact I have been asked a few times to accept a free product in return for a review and have turned them all down. This is just such an outré product that I … Continue reading

Posted in Data Leakage | Leave a comment

Template class for unit testing Core Data entities

Posted on 2010-06-13 by Graham

Some time ago, in a blog far, far, away, I wrote about unit-testing Core Data. Essentially, your test case class should create a temporary, in-memory Core Data stack in -setUp, and clean it up in -tearDown. Your test methods can … Continue reading

Posted in CoreData, software-engineering, tool-support | Leave a comment

Configuring CruiseControl.rb in under an hour

Posted on 2010-06-12 by Graham

One of the changes I decided to make straight after NSConf MINI yesterday was to enable continuous integration for my projects. I had used CI before based on BuildBot, but that had left me less than impressed: It was really … Continue reading

Posted in software-engineering, tool-support | 3 Comments

On the extension of code signing

Posted on 2010-06-09 by Graham

One of the public releases Apple has made this WWDC week is that of Safari 5, the latest version of their web browser. Safari 5 is the first version of the software to provide a public extensions API, and there … Continue reading

Posted in Authorization, Browser, Codesign, Crypto, Mac, Windows | Comments Off on On the extension of code signing

On NSNull as an anti-pattern

Posted on 2010-05-25 by Graham

All this talk about type-safe collections may leave you thinking: but what about NSNull? Let’s say you have an array that only accepts objects conforming to MyProtocol. You can’t add +[NSNull null] to it, because it doesn’t implement the protocol. … Continue reading

Posted in code-level, iPad, iPhone, Mac | 7 Comments