Macintosh Operating Systems, Wireless Networks & Bluetooth Technology, Mobile Operating Systems, Networking & the Internet - Mac Users

Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It

Name: Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It
Author: Jonathan Zdziarski
ISBN: 9781449318741

by Jonathan Zdziarski

Available on Bookshop Write a review

Books.org participates in affiliate programs including Bookshop.org and the Amazon Services LLC Associates Program. We may earn a commission from qualifying purchases made through links on this page, at no additional cost to you.

Overview

This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You’ll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversary.

Examine subtle vulnerabilities in real-world applications—and avoid the same problems in your apps
Learn how attackers infect apps with malware through code injection
Discover how attackers defeat iOS keychain and data-protection encryption
Use a debugger and custom code injection to manipulate the runtime Objective-C environment
Prevent attackers from hijacking SSL sessions and stealing traffic
Securely delete files and design your apps to prevent forensic data leakage
Avoid debugging abuse, validate the integrity of run-time classes, and make your code harder to trace

Synopsis

If you’re an app developer with a solid foundation in Objective-C, this book is an absolute must—chances are very high that your company’s iOS applications are vulnerable to attack. That’s because malicious attackers now use an arsenal of tools to reverse-engineer, trace, and manipulate applications in ways that most programmers aren’t aware of.This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You’ll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversary.Examine subtle vulnerabilities in real-world applications—and avoid the same problems in your appsLearn how attackers infect apps with malware through code injectionDiscover how attackers defeat iOS keychain and data-protection encryptionUse a debugger and custom code injection to manipulate the runtime Objective-C environmentPrevent attackers from hijacking SSL sessions and stealing trafficSecurely delete files and design your apps to prevent forensic data leakageAvoid debugging abuse, validate the integrity of run-time classes, and make your code harder to trace

About the Author, Jonathan Zdziarski

Jonathan Zdziarski is better known as the hacker "NerveGas" in the iOS development community. His work in cracking the iPhone helped lead the effort to port the first open source applications to it, and his book iPhone Open Application Development taught developers how to write applications for the popular device long before Apple introduced its own SDK. Jonathan is also the author of many other books, including iPhone SDK Application Development and iPhone Forensics. Jonathan presently supports over 2,000 law enforcement agencies worldwide and distributes a suite of iOS forensic imaging tools to obtain evidence from iOS devices for criminal cases. He frequently consults and trains law enforcement agencies and assists forensic examiners in their investigations.

Jonathan is also a full-time Sr. Forensic Scientist, where, among other things, he performs penetration testing of iOS applications for corporate clients.