Issue #52 December 2011
Top 5 iOS Application Security Flaws
by Amar Bhosale
Apple’s App Store is currently the biggest mobile application store, with over 500,000 applications and more than 10 billion downloads. The iPhone and iPad have become household names. With the increasing adoption of the iOS platform, more and more developers have started building their own iPhone applications. Although they work hard on the look and feel of the application, developers often ignore the security aspect. Let us discuss a few common mistakes made by iOS application developers.
Mobile Phone Data Encryption – Why is it necessary?
by Sreenarayan A
Mobile phones are handy devices that people around us use widely for day-to-day tasks. People are becoming more and more dependent on mobile phones for critical functions such as bank transactions. As that dependence grows, a lot of sensitive data is stored on the phone for faster processing, and a considerable amount is also transmitted to the server. Any communication or storage, for that matter, that is not done in a secure manner is a loophole left behind by the application's developer! In this article, we will discuss how sensitive data can be encoded in requests and how a penetration tester can break this encoding logic in order to manipulate and probe the server.
Control Flow Myths busted in Java
by Ashish Rao
There are many things that we assume and use in this crazy world of "programming" without analyzing the behavior of programming entities. The more complex applications we build and use, the more we can understand their behavior in terms of their execution pattern. There are a few myths or misconceptions about certain programming entities in Java which, if left unexplored, can inadvertently lead to major programming flaws in the application. We will try to decipher these myths one by one.
