Author Archives: Graham

About Graham

I make it faster and easier for you to create high-quality code.

Configuring CruiseControl.rb in under an hour

Posted on 2010-06-12 by Graham

One of the changes I decided to make straight after NSConf MINI yesterday was to enable continuous integration for my projects. I had used CI before based on BuildBot, but that had left me less than impressed: It was really … Continue reading →

Posted in software-engineering, tool-support | 3 Comments

On the extension of code signing

Posted on 2010-06-09 by Graham

One of the public releases Apple has made this WWDC week is that of Safari 5, the latest version of their web browser. Safari 5 is the first version of the software to provide a public extensions API, and there … Continue reading →

Posted in Authorization, Browser, Codesign, Crypto, Mac, Windows | Comments Off

On NSNull as an anti-pattern

Posted on 2010-05-25 by Graham

All this talk about type-safe collections may leave you thinking: but what about NSNull? Let’s say you have an array that only accepts objects conforming to MyProtocol. You can’t add +[NSNull null] to it, because it doesn’t implement the protocol. … Continue reading →

Posted in code-level, iPad, iPhone, Mac | 7 Comments

On type safety and making it harder to write buggy code

Posted on 2010-05-24 by Graham

Objective-C’s duck typing system is both a blessing and a curse. A blessing, in that it’s amazingly flexible. A curse, in that such flexibility can lead to some awkward problems. Something that typically happens in dealing with data from a … Continue reading →

Posted in code-level, iPad, iPhone, Mac | 5 Comments

Careful how you define your properties

Posted on 2010-05-19 by Graham

Spot the vulnerability in this Objective-C class interface: @interface SomeParser : NSObject { @private NSString *content; } @property (nonatomic, retain) NSString *content; – (void)beginParsing; //… @end Any idea? Let’s have a look at a use of this class in action: … Continue reading →

Posted in iPad, iPhone, Mac, Vulnerability | 2 Comments

Why OS X (almost) doesn’t need root any more

Posted on 2010-05-12 by Graham

Note: this post was originally written for the Mac Developer Network. In the beginning, there was the super-user. And the super-user was root. When it comes to doling out responsibility for privileged work in an operating system, there are two … Continue reading →

Posted in Authorization, Mac, PCAS | Comments Off

On improved tool support for Cocoa developers

Posted on 2010-05-12 by Graham

I started writing some tweets, that were clearly taking up too much room. They started like this: My own thoughts: tool support is very important to good software engineering. 3.3.1 is not a big inhibitor to novel tools. /cc @rentzsch … Continue reading →

Posted in PCAS, threatmodel, tool-support | 1 Comment

On localisation and security

Posted on 2010-05-09 by Graham

Hot on the heels of Uli’s post on the problems of translation, I present another problem you might encounter while localising your code. This is a genuine bug (now fixed, of course) in code I have worked on in the … Continue reading →

Posted in buffer-overflow, l10n, Mac, Vulnerability | 2 Comments

Which vendor “is least secure”?

Posted on 2010-04-30 by Graham

The people over at Intego have a blog post, Which big vendor is least secure? They discuss that because Microsoft have upped their game, malware authors have started to target other products, notably those produced by Adobe and Apple. That … Continue reading →

Posted in Business, Responsibility, threatmodel, Vulnerability | 2 Comments

Why passwords aren’t always the right answer.

Posted on 2010-04-29 by Graham

I realised something yesterday. I don’t know my master password. Users of Mac OS X can use FileVault, a data protection feature that replaces the user’s home folder with an encrypted disk image. Encrypted disk images are protected by AES-128 … Continue reading →

Posted in Encryption, Keychain, Mac, password | 3 Comments