#appsec

Articles tagged with #appsec

Safely distributing API keys in your mobile app
The safest way is to keep your API keys server side. But if you have a library that's useable offline and it requires a license key to unlock, you will need a way to securely store that license key at runtime, without access to a server. Strap your h...
Jan 10, 20245 min read3.7K
The importance of `final` for security
When creating a Swift class or actor, if you don't intend to override any of the functions in that class you should use the final keyword. Here's an example of why this is important: Notice that the attacker did not even need to match the function n...
Jan 7, 20242 min read315
Your Swift app is full of symbols, even if stripped.
We have been drilled that we should strip debugging symbols before releasing our app on the App Store. Apple even does this automatically for us in the build settings when we create a new project. However when we are using Swift as our programming la...
Jan 6, 20241 min read890

#appsec - Blog on Mobile app security and reliability on iOS and macOS.