Archives for posts with tag: iOS

After Apple released a document last month describing iOS security in detail for the first time, a lively discussion about iMessage security ensued on Hacker News. The main criticism: users so not need to (cannot even) verify the authenticity of the public keys used to encrypt the messages. Instead users need to trust Apple to give them the right keys, and not to sneak an extra key in that would allow Apple (or the NSA) to eavesdrop on your messages. But is this criticism fair?

Read the rest of this entry »

When signing in to iMessage, your phone sends the AppleID and password in the clear over a secure channel to Apple’s directory service (IDS). This shouldn’t be an issue, except that the channel is secured using TLS (which has some issues lately, especially on iOS). As a result, it is easy to mount a man-in-the-middle attack, allowing an attacker to retrieve the password.

Read the rest of this entry »

When playing with my favourite calendar app it struck me it could be improved with a better way to enter the date and the time of an appointment. So I designed a few custom iOS keyboard layouts for this purpose.

Read the rest of this entry »