No Starch Press, a book publisher with an emphasis on technology, has released their latest book called iOS Application Security. The focus of the book is to address iOS security issues by educating readers about the common ways iOS applications sometimes fail to protect users and how to fix and identify those flaws. iOS Application Security also teaches developers how to build secure applications by looking at the structure and limitations of the iOS security model as well as ways local storage mechanisms can leak information.
Taking it a step further, the book also overviews how to encrypt data with Apple’s Keyhcain technology, the Data Protection API, and CommonCrypto. After a brief run down on Objective-C and mobile security threats, readers learn how to avoid programming flaws and implement protective measures. There’s a good portion dedicated to the use of white-box and black-box security testing methods, so developers can test their own programs and software for security flaws.
“This book contains the most thorough and thoughtful treatment of iOS security that you can find today. Any iOS developer who cares about their customers should use it to guide their product, architecture, and engineering decisions and to learn from the mistakes that David Thiel has spent his career finding and fixing.” – Alex Stamos, Facebook’s Chief Security Officer