Real-life blast doors keep fire, explosions, and radiation at bay. Designing blast doors into your system can also make it more secure and more resilient, and they serve as a protective barrier against attacks.
Python Pillow’s Denial of Service Vulnerability
A popular image processing library has a vulnerability in which a maliciously crafted file can cause denial of service by making the application consume too much memory. Should you upgrade, or is there another solution?
How to Securely Provide Apple ID Password into Notarization Build Jobs
Including passwords in the source tree is a big security breach. Similarly, including passwords in build jobs would be insecure. Learn how to securely provide Apple ID credentials to notarization jobs.
Enabling Hardened Runtime on a Sparkle App
Notarization requirements are just around the corner in the coming release of macOS. But the Sparkle updater framework is not yet ready for them. Here’s how you can fix that.
Shared Frameworks in a Hardened Runtime World
macOS Catalina is just around the corner and with it comes mandatory notarization and hardened runtime. If your Mac app accepts plugins or otherwise loads 3rd party frameworks and libraries, there are a few caveats that you’ll need to take care of.
WordPress JetPack’s Vulnerability
Having social sharing functions on every page in your blog seems intuitively useful. However, these could easily be exploited by malicious people to do bad things and pass the blame onto you. Learn what the problem behind these social media buttons is and what you should do as a webmaster.
Is Your Server Ready for iOS 9 and El Capitan?
Apple is enforcing stronger encryption that applications need to use when connecting to their backends. Is your server secure enough to meet Apple’s standards? Being HTTPS doesn’t necessarily imply that it’s good enough.
Apple’s latest operating system updates – iOS 9 and OS X El Capitan – are enforcing stronger network encryption. This is wonderful for users; however, it could mean extra work for developers and system administrators.
In short, applications are strongly encouraged to use HTTPS, TLS 1.2 and perfect forward secrecy. You might be saying to yourself, “We’re already serving through HTTPS, so we’re good.” As it turns out, it may not be that simple. It isn’t for Microsoft and you could be affected as well. Yes, at least one of Microsoft’s web services isn’t yet up to Apple’s security standards as of this writing.
Reverse-Engineering iCloud Keychain
Ever wonder how iCloud Keychain or 1Password works? Wonder no more.