Security

HULK BASH! - The Internet is Broken, But My Part is Fine

Well, the Internet is broken again. It sucks to be us (and by “us” I mean “people whose income depends on a working Internet”). But as for my piece of the Internet, I’m not too worried. I’m paranoid, but not worried. I’ve been hacked a lot over the years. The first Unix machine I ever had root on was hacked within a week of me becoming responsible for it — because it was one of the few unmetered machines at the university where I was working my way through school.

 2 min read

Steal This Code and Protect Their Data: Simplifying KeyChain Access

The Code

The last couple of months, I’ve been working on my first Mac App (more on that in a later post). As part of this App, I’m calling a REST API that requires that I have the user’s password for that service to use in the API calls. Although that API is a minor part of the App, and although the service doesn’t have horrible consequences if someone gets the user’s password for it (in my opinion at least), there was no way I was going to store that password on disk unencrypted.

 4 min read

Hidden VPN/DNS Gem in Apple's iOS4.1 announcement today

I’ve been on-again, off-again fighting with getting my iPhone 4 to talk to a Cisco VPN concentrator to connect to a company internal network. The iPhone would connect, but it couldn’t resolve any names, but my iPad worked with no issues. Turns out, the problem was with iOS 4.0.x’s implementation of Multicast DNS. According to this IETF draft, ‘…Any DNS query for a name ending with “.local.” MUST be sent to the mDNS multicast address…’, which Apple took literally for iOS 4.

 1 min read